In-depth features, designed to help financial services auditors meet their daily challenges.


Facing a Headwind (Oct. 9, 2013)
Financial institution auditors are up against a host of Challenges and must stay the course to effectively manage risk.

New "RoboCop" Tasked with Busting Fraudulent Financila Report Filers (Oct. 9, 2013)
Experts caution that the automated risk identification and ranking system could inadvertently subject innocent public companies that stand out from peer filers to lingering and costly investigations. 

The Regulatory Risks of Social Media -- Evolving Interpretations (July 10, 2013)
Three social media case studies give a preview of what new regulations may be on the horizon. 

Many Organizations Remain Ill-equipped to Prevent or Respond to Data Breaches (July 10, 2013)
Protiviti’s annual IT security and privacy survey of U.S.-based organizations finds many have heightened data security and legal liability risks.

Auditing Social Media Risks for Financial Institutions (April 10, 2013)
Internal auditors should pay attention to regulators' guidance addressing social media when assessing their risk management program. 

Using Linguistics as a Lie Detector (April 10, 2013)

Learning to listen for distinct speaking patterns and cues can help internal auditors become more effective during their investigations and interviews. 

Banking Risk (Jan. 9, 2013)
Conducting meaningful independent reviews of interest rate risk and liquidity risk management can not only help satisfy regulatory requirements, but also can demonstrate a thorough understanding of the complex process.

Maximizing Audit Leadership Potential (Jan. 9, 2013)
By tapping into their leadership potential, internal auditors can help influence their organization’s success as it wrestles with decreased revenues, regulatory changes, fraud prevention, and heightened market pressures.

Auditing the Auditors (Oct. 19, 2012)
Seven steps chief audit executives can take to help internal audit meet heightened regulator expectations.

Staying on Track (Oct. 19, 2012)
IIA President & CEO Richard Chambers outlines five key risks that could interfere with internal audit’s rising stature.

Strong Internal Audit (July 11, 2012)
US Bancorp leverages The IIA’s International Professional Practices Framework and Internal Audit Capability Model to meet heightened expectations.

Understanding Non-cash Payment Processing – Part 2 (July 11, 2012)
An auditor’s best line of defense in information security is understanding related standards and regulations and keeping ahead of emerging trends.

Auditing the Consumer Complaints Process
(April 11, 2012)
Assessing the effectiveness of an institution’s consumer complaint resolution process can help identify potential internal control deficiencies and regulatory compliance risks. 

Understanding Non-cash Payment Processing — Part 1 (April 11, 2012)
As payment channels emerge, change, are adopted, or fade away, the associated risks also change, making it increasingly challenging to assess the impact on the risk/reward equation.

Fair Lending is High on the Regulatory Radar — Are You Ready? (Jan. 11, 2012)
Internal auditors can help call attention to lending discrimination and compliance issues with federal regulations. . 

Learning to "BLUF"  (Jan. 11, 2012)
By putting the "bottom line up front," internal auditors can ensure that the messages in their emails are received.

The New "A" in UDAAP (Oct. 26, 2011)
The new regulatory "abusive acts" standard introduces additional considerations for financial services internal auditors. 

Derivatives Danger (Oct. 26, 2011)
Internal auditors can play a role in reining in the complex risks associated with financial instrument

Auditing SCRA Compliance (July 20, 2011)
Internal auditors should know the financial and credit protections afforded to military servicemembers and their families.

Have You Conducted a Data Protection Audit Lately? (July 20, 2011)
Annual reviews of data access and controls can help prevent costly breaches.

Don't Get Caught in the Regulatory Flood (April 13, 2011)
Internal auditors can help ensure their institutions are compliant with flood insurance regulations and avoid hefty fines for violations.

Using Automation for the Early Detection and Prevention of Fraud (April 13, 2011)
Automated tools can assist auditors in processing large amounts of data in an effort to protect the company from would-be thieves.

Auditing FCRA Compliance (Jan. 19, 2011)
Internal auditors should know the issues surrounding protection of consumer information.

GAAP and IFRS: Reconciling Fair Value Measurements
(Jan. 19, 2011)
Understanding what’s to come with the adoption of IFRS will give internal auditors an opportunity to get involved with their company’s accounting conversion process.  

International ACH Transactions
(Oct. 20, 2010)
Through ongoing monitoring and testing, internal auditors play a vital role in ensuring their organizations comply with new IAT rules and avoid costly financial penalties.

Governance Key to Basel III (Oct. 20, 2010)
Regulators look to “third line” — internal auditors — to mitigate systemic risk and ensure compliance with the new financial regulation.

Tools of the Trade    (July 8, 2010)
Internal auditors who use computer-assisted audit tools can significantly increase their efficiency and effectiveness. There are few business processes today that are not driven by some form of automation.

Assess Your Organization's Code of Ethics   (July 8, 2010)
Ethics — or lack thereof — has great visibility in the world today. Charles Keating, Ken Lay, Bernie Ebbers, Andy Fastow, Martha Stewart, Bernie Madoff, Nevada Sen. John Ensign, former Illinois Gov. Rod Blagojevich, and South Carolina Gov. Mark Sanford are names that, when heard, raise the same question: “What were they thinking?”  

Streamlining Compliance for Community Banks (April 14, 2010)
Internal auditors can assist management in minimizing compliance costs and ensure their organization is in a position to effectively and efficiently manage control documentation exercises.

The Diversification Fallacy in Commercial Bank Risk Management Programs (April 14, 2010)   
With little guidance from regulatory agencies, internal auditors have been relegated to blindly validating information affectiong banks' risk profiles.

Risk Management in Outsourcing (Jan. 20, 2010)
Internal auditors can help financial institutions mitigate the distinctive risks emerging from outsourcing arrangements.

Where is the Monitoring? (Jan. 20, 2010)
As financial services companies enhance their combined governance, risk management, and compliance programs, they may be missing the important monitoring needed to ensure their effectiveness.

ERM in the Aftermath of the Credit Crisis (October 21, 2009)
Poor risk management practices may have caused the global financial recession. The time has come for banks to implement strong enterprise risk  management programs.

Transformational Audit Leadership (Oct. 21, 2009)
In uncertain times, internal auditors at financial firms need to develop the leadership skills, vision, values, and strategy to become a powerful voice for organizational change.

Emerging Issues for Small Bank Auditors (Oct. 21, 2009)
Uncertain economic conditions, regulatory reform, and an expanded audit focus loom large over internal auditors at small banks.

Five Key Components of a Successful Small Audit Department (July 22, 2009)
An insurance company's internal audit department successfully completed its first quality assessment by focusing on audit methodology, staffing, training, technology, and network.

A Bad News/Good News Story (July 22, 2009)
Panelists at The IIA's Financial Services Conference say the intensified focus on risk management and accountability is an opportunity for internal auditors to add value.

A Giant Step to Strengthen Bank Risk (July 22, 2009)
The Obama administration's proposed banking regulatory overhaul could bring colossal changes to financial sector oversight and risk management in the United States.

Internal Auditing: The Way Forward (April 15, 2009)
The current financial crisis presents internal auditing with an opportunity to enhance its contribution to organizations by becoming more actively involved in evaluating the quality of risk management processes.

Six Steps to an Effective Continuous Audit Process  (April 15, 2009)
Establishing priority areas and determining the process' frequency are two of the six steps that internal auditors and senior managers need to take into consideration before making the switch to continuous auditing.

Facing the E-discovery Challenge: A Proactive Approach (Jan. 29, 2009)
As e-discovery continues to play an increasing role in corporate litigation, internal auditors need to develop data retention policies that ensure the safe storage and accurate retrieval of electronic data.

Case Study: Changing Perceptions of Internal Auditing (Jan. 29, 2009)
Hosting an open house is an excellent way to educate co-workers about internal auditing and recruit new talent for an internal audit department.

E-Mail 101: Back to Basics (Oct. 15, 2008)
By examining their e-mail practices, internal auditors can ensure appropriateness, efficiency, and accuracy before pressing "send."

Embedding Enterprise Risk Management Into the Internal Audit Process (Oct. 15, 2008)
Internal auditors can add strategic value to their organizations' ERM programs by synchronizing ERM and internal audit work, helping develop the ERM strategy, and giving proactive advice while being flexible and responsive.

Evaluating SAP Controls for Sarbanes-Oxley Compliance (July 16, 2008)
Internal auditors can play a vital role in helping small and mid-size organizations achieve Sarbanes-Oxley compliance by optimizing the audit of IT general controls in SAP processes.

Dealing With Employee Fraud (July 16, 2008)
Internal auditors can help their organizations win the fight against fraud by working to establish a fraud policy, reacting quickly to suspicions, maintaining an unbiased attitude, and properly gathering and securing evidence.

Using GAIT for PCI Compliance (July 16, 2008)
As organizations continue to work on their PCI compliance initiatives — or begin the PCI compliance journey — internal auditors can provide much-needed support by using the steps outlined in the GAIT methodology.

Five Common Spreadsheet Risks and Ways to Control Them (April 15, 2008)
Most internal auditors have used spreadsheet software for common tasks, such as calculating complex revenue adjustments and preparing financial reports. And, while spreadsheets can be excellent tools during an audit review, many internal auditors are still not aware of their potential risks.

Enhancing Audit Efficiencies: Maximizing the Use of Technology (April 15, 2008)
To help internal audit departments assess their options for enhancing audit efficiencies, a panel of experts convened for the September 2007, internal audit webcast, "Enhancing Auditing Efficiencies: Maximizing the Use of Technology."

Greed is Good, at Least for Characters in the Movies (April 15, 2008)
An examination of the similarities between the savings and loan crisis of the 1980s and the mortgage meltdown of today.

Following Fundamentals Detects Fraud (Jan. 15, 2008)
An internal audit success story of good detective work triumphing over unscrupulous behavior.

Is Your Organization Ready for a PCI Standard Audit? (Jan. 15, 2008)
Many online retailers and service providers are still trying to comply with the Payment Card Industry standard. However, with a little help from auditors, companies can be one step closer to compliance.

Five Ways to Sharpen Your Writing Skills (Jan. 15, 2008)
By improving their writing skills, internal auditors can help boost their organization's productivity, which can increase the organization's bottom line.

Effective Data Mining for Financial Services Companies (Oct. 15, 2007)
Is internal auditing making the most of your organization's data? Data mining techniques are a good addition to any organizations toolbox.

Extracting Information From Spreadsheet Records (Oct. 15, 2007)
Spreadsheet lookup functions enable internal auditors to perform important processing tasks, such as extracting information from entire record sets or finding unmatched records within.

Internal Auditing's Role in Business Continuity (Oct. 15, 2007)
Planning for the unexpected has become a core component of many organizations and internal auditors play a vital role in helping maintain the health of business continuity plans.

Getting Started with GAIT (July 15, 2007)
Practical tips and techniques for using and effectively implementing GAIT to scope IT controls for Sarbanes-Oxley compliance.

SEC Publishes Its Guidance for Management on Evaluating Internal Controls (July 15, 2007)
Approximately one month after the SEC approved its interpretive guidance for management’s evaluation and assessment of internal control over financial reporting, the document is available to the public.

Best Practices for Developing Online Communication Guidelines (April 15, 2007)
Establishing effective online communication policies and procedures may prevent employee misuse of corporate resources and promote compliance with internal regulations.

IIA Responds to PCAOB and SEC Exposure Drafts (April 15, 2007)
The IIA contributed comments and suggestions to the PCAOB's proposed auditing standard and the SEC's proposed management guidance to improve the efficiency of implementing Section 404.