Audit Procedure - ACUIA



|Audit Procedure |By: |Reference/Comments |

|Audit Objectives | | |

|1. Determine the adequacy of internal controls. | | |

|2. Determine that management engages in permissible activities or services. | | |

|3. Determine the degree of risk management poses to CU. | | |

|4. Determine that management is in compliance with the applicable NCUA and | | |

|SEC regulations. | | |

|Audit Procedures | | |

|Preliminary | | |

|1. Review and update PAF as necessary. | | |

|2. Update status on prior audit findings (from IAD, external and regulatory | | |

|exams) for proper management follow up. | | |

|Internal Controls | | |

|1. Through discussion with management and review of written manuals, | | |

|document management policies & procedures. | | |

|2. Via test work throughout the audit, note any processes without a | | |

|corresponding P&P, and ensure that existing P&Ps are being adhered to. | | |

|3. Detail the services offered by management, and obtain general information| | |

|about management’s business (e.g., request an organization chart, business | | |

|plan, goals, bylaws, contract with 3rd party providers). | | |

|4. Evaluate adequacy of the controls, and revise audit program as needed, | | |

|placing primary emphasis upon weaknesses noted in reviewing operations. | | |

|Management & Operations Review | | |

|1. Review business plan and determine if it includes: | | |

|A statement of goals (including profitability goals) and objectives; | | |

|Policies, procedures, and timeframes for achieving goals and objectives; | | |

|Audit Procedure |By: |Reference/Comments |

|Budget projections demonstrating management’s efforts to meet profitability | | |

|and capitalization goals, and achieve self-sufficiency; and | | |

|Monitoring techniques to inform management of the operations status. | | |

|2. Obtain resumes and employee evaluations to assess adequacy of managerial | | |

|personnel. | | |

|3. Determine if level of supervision over management is adequate. | | |

|Financial Condition & Accounting | | |

|1. Evaluate management’ financial condition to: | | |

|Determine its ability to meet its goals, objectives and financial | | |

|projections; | | |

|Analyze its prospects for future success; and | | |

|2. Test accounting balances and entries as deemed appropriate, such as: | | |

|Reconcile G/L accounts; | | |

|Reconcile accounts to subsidiary ledgers; | | |

|Determine the existence of any accrual agings to determine status, and | | |

|ensure that a corresponding valid account exists, using confirmations as | | |

|needed. | | |

| | | |

|3. Review notes to financials (e.g. for contingent liabilities and | | |

|outstanding commitments.). Follow up on any pertinent items/issues. | | |

|Privacy | | |

|1. Determine if Privacy of Consumer Financial Information requirements are | | |

|being adhered to. | | |

|IS Processing | | |

|1. Review 3rd party vendor IS audit, and follow up on applicable issues. | | |

|Audit Procedure |By: |Reference/Comments |

|2. Review IS data security controls and determine if access to the system is| | |

|adequately limited. | | |

|3. Review disaster recovery program for adequacy. | | |

|Regulatory Compliance | | |

|1. Determine if management is familiar with applicable CU regulations such | | |

|as BSA, NASD Rule 3011, NCUA Parts 721 and 716 and NCUA 10-FCU-03.) | | |

|2. Determine personnel’s compliance with broker’s licensing requirements. | | |

|3. Note system by which management becomes aware of applicable regulatory | | |

|issues. | | |

|4. Determine if management maintains appropriate levels of liability | | |

|insurance and bonding. | | |

|Ensure that management periodically reviews the coverage to ensure adequate | | |

|protection. | | |

|Credentials | | |

|1. Document types of broker licenses held by investment sales personnel. | | |

|2. Inquire about any disciplinary actions in the background of personnel | | |

|hired for the sale of non-deposit products. | | |

|a. Review for existence of client complaints or other evidence of | | |

|dissatisfaction with department employees and/or broker. Use | | |

|and/or other similar sites[1] | | |

|b. Obtain credit reports on brokers, and ensure that any derogatory items | | |

|have been sufficiently explained.[2] | | |

| | | |

| | | |

|Audit Procedure |By: |Reference/Comments |

|3. Review compliance with ERISA Act of 1974 if broker handles any retirement| | |

|programs (e.g., CU staff’s pension). | | |

|4. Review requirements of 3rd party vendor and ensure compliance to their | | |

|requirements. | | |

|NCUA Letter 10-FCU-03 | | |

|1. Read and become familiar with NCUA Letter 10-FCU-03 (which replaced NCUA | | |

|Letter 150) | | |

|2. Ensure that staff is familiar with the letter. | | |

|3. Ensure compliance with the Letter by completion of “NCUA Letter 10-FCU-03| | |

|ICQ.” | | |

|4. Perform appropriate test work, including supporting documentation and | | |

|work papers during the completion of the ICQ. Some of this can be achieved | | |

|in conjunction with the Broker Services Review section. | | |

|5. Ensure that management maintains compliance programs capable of verifying| | |

|compliance with the guidelines specified in the Letter and with any other | | |

|applicable requirements. | | |

|Ensure that the compliance function is performed independently of investment| | |

|product sales and management. | | |

|Ensure that at a minimum the compliance function includes a system to | | |

|monitor member complaints and to periodically review member accounts to | | |

|detect and prevent abusive practices. | | |

|Broker Services Review | | |

|1. Obtain a listing of all client accounts and balances as of the audit | | |

|date. | | |

|2. Verify authenticity by confirming a sample of accounts and balances. | | |

|3. Determine the location of the following security transaction items, and | | |

|control them until the audit is completed: | | |

|a. Undelivered securities; | | |

| | | |

|Audit Procedure |By: |Reference/Comments |

|2. | | |

|b. Members’ orders in process; | | |

|c. Acknowledgment from brokers regarding orders in process; | | |

|d. Files of completed instructions. | | |

|4. Review uncompleted member and broker/dealer transactions: | | |

|a. Examine purchase and sale orders for proper completion (officer’s | | |

|signature, members’ instructions, etc.); | | |

|b. Examine securities on hand for negotiable status (sales) or for | | |

|registration in accordance with the members’ instructions (purchases); | | |

|c. Review broker’s acknowledgments of orders. Examine broker’s receipts for | | |

|securities transmitted to him or her for sale, transfer, or re-registration;| | |

|d. Follow up for proper charges (purchases) or credits (sale to members’ | | |

|accounts). | | |

|e. Trace service charges or bond dealer fees to the income account. | | |

|f. Determine if broker’s “Opening New Accounts” guidelines are being met. | | |

|g. Determine that there is a valid reason for all unexecuted orders and | | |

|follow to subsequent execution. | | |

|5. For completed transaction files, test-check a sample of completed member | | |

|and broker/dealer transactions: | | |

|a. Ensure that the brokerage account type is per the client’s instructions, | | |

|and that the investments objective is suitable for the client. | | |

| | | |

| | | |

|Audit Procedure |By: |Reference/Comments |

|b. Ensure that documentation for the account type follows guidelines noted | | |

|in “Opening New Accounts” and/or “Investment Processing sections of Broker | | |

|Manual, including where applicable, evidence that the client information was| | |

|checked against the following 3 lists: | | |

|1) Terrorist List; | | |

|2) OFAC; and | | |

|3) The Financial Action Task Force. | | |

|c. Ensure that broker’s Anti-Money Laundering documentation guidelines are | | |

|being followed including: | | |

|Proper ID verification; | | |

|Account holder’s full name, mailing address, residence address, DOB and | | |

|country of citizenship; | | |

|SSN/Tax ID number, or passport number and issuing country; | | |

|Net worth, annual income, liquid net worth, tax bracket, and approximate | | |

|account value; | | |

|Account holder’s Investment Objective and Investment Experience; | | |

|Account holder’s source of funds to be used for investment purposes; | | |

|Occupation/nature of business, and name & address of employer; | | |

|Spouse’s employer, position and employment address; | | |

|Audit Procedure |By: |Reference/Comments |

|Signature of registered representative and branch manager; and | | |

|Information concerning client association with (or employment by) another | | |

|NASD firm. | | |

|d. Ensure that the source of client funds is a check listed as “acceptable” | | |

|in broker’s Anti-Money Laundering Guide. | | |

|e. Ensure there is a confirmation sheet or log with confirmation number for | | |

|all transactions in client file; | | |

|f. Review the broker’s acknowledgment of order, noting the price, etc; | | |

|g. Trace the credit union’s fee or bond dealer fee, where applicable, to the| | |

|income account; | | |

|h. Check the prices at which transactions were executed against an | | |

|independent source of market information; and | | |

|i. Examine the transmittal form for member’s signature on purchases | | |

|indicating receipt of securities. | | |

| | | |

| | | |

| | | |

| | | |

| | | |

| | | |

| | | |

| | | |

| | | |

| | | |

-----------------------

[1] See NAFCU Compliance Report Vol. 16 #4 in PAF for more details on FINRA BrokerCheck.

[2] If it can be documented that LPL has performed this within the past 12 months this can be waived.

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download