2019 Community Bank Auditors Group
Internal Audit Training

April 4-5, 2019 | Embassy Suites-Destiny USA, Syracuse


Changing regulatory compliance imperatives, new products, new technology risks, and new accounting pronouncements create ever more challenges for audit professionals. Internal auditors need to be aware of these changes and develop audit plans and programs to verify that these risks are properly mitigated.  This course is geared to help internal auditors expand their knowledge and enhance their audit programs.

Please note that members of the Community Bank Auditors Group may register at the NYBA member rate.

Course is designed and presented by  

Schedule and Registration form coming soon

Rooms at the Embassy Suitesclick here to reserve online

Questions: Call 212-297-1666, or email education@nyba.com.

April 4, 2019

Introduction  9:00 – 9:25
Auditing Electronic Funds Transfer  9:35 – 10:30

Allowance for Loan and Lease Losses, and CECL Update: Current Trends and Expectations

10:45 – 12:00


12:00 – 1:00

Auditing Asset Liability Management: Interest Rate Risk Overview

1:00 – 1:55

Effective Report Writing

2:00 – 2:30


2:30 – 2:45

Consumer Compliance Updates

2:45 – 4:00

Panel Discussion – Embracing Opportunity Demands – Internal Audit Transformation

4:15 – 5:00

April 5, 2019

Essentials of Risk Management and Enterprise Risk Management

9:00 – 10:30


10:30 – 10:45

Essentials of Risk Management and Enterprise Risk Management (cont.)

10:45 – 11:30

Data Analytics

11:30 – 12:30


12:30 – 1:30

Third Party Risk

1:35 – 2:30


2:30 – 2:45

Control Design Evaluation and Operating Effectiveness

2:45 – 4:00

Course Information

Auditing Electronic Funds Transfer
This training will be a practical, “hands-on” discussion of effective practices in auditing the Electronic Funds Transfer function. Attendees will also learn about regulatory advancements and trends that we currently see in the Banking environment.  Topics will include:

  • Overview of the electronic funds transfer function as it relates to the regulatory environment
  • Analysis of electronic funds transfer s fraud with specific real life examples
  • Internal audit objectives and procedures:
    • Wire transfer, including foreign wire transfers
    • Automated clearing house (ACH)
    • Internet banking
    • Remote deposit capture
    • Mobile deposit capture
  • NACHA rules updates
  • Compliance impact, including Regulation E

Allowance for Loan and Lease Losses, and CECL Update: Current Trends and Expectations
This training will discuss recent updates to ALLL and how it impacts the internal audit plan. For organizations not required to comply with CECL this will focus on leading practices with ALLL. Specifically:

  • Discuss common regulatory and industry guidance and apply to the ALLL calculation
  • Examine issues frequently raised by regulators, related to the ALLL calculation
  • Share recent trending topics related to credit quality and the ALLL that are impacting banks
  • Explain Accounting StandardsUpdate No. 2016-13, Financial Instruments – Credit Losses: Measurement of Credit Losses on Financial Instruments, specifically focusing on changes from the probable incurred methodology to the CECL methodology
  • Examiner CECL related interagency regulatory guidance, including the Joint Statement on the New Accounting Standard on Financial Instruments – Credit Losses

Auditing Asset Liability Management: Interest Rate Risk Overview
This training will discuss the core concepts within Asset Liability Management. Specifically, this training will:  

  • Describe methods for measuring interest rate risk
  • Defining the types of assumptions used in interest rate risk simulation analysis
  • Testing the appropriateness of the assumptions in an interest rate risk measurement model
  • Measuring the adequacy of the sensitivity of assumptions
  • Identify the details of regulatory requirements specific to liquidity and interest rate risk management
  • Interest Rate and Liquidity Risk and the Governance process

Effective Report Writing
This training will discuss effective methods for internal audit report writing: Specifically:

  • Objectives of audit reports and report structure
  • Identifying readability and presentation factors of audit reports
  • Assessing the basic quality of audit reports
  • Defining the requirements necessary when documenting audit findings
  • Listing the aspects necessary when documenting audit findings
  • Listing and defining the three risk priority ratings assigned to audit findings

Consumer Compliance Updates
This training will go through a high level overview of the regulation and factors to consider when auditing. In addition, the training will focus on any applicable updates to the consumer compliance regulations.   Specifically:

  • Code of Regulations
  • Deposits and Lending
  • Regulation Z, CC, O
  • Community Reinvestment Act
  • Fair Credit Reporting
  • Floor Disaster Protection Act
  • Fair Debt Collection Practices Act
  • Homeowners Protection Act
  • HUD’s Regulation X – Real Estate Settlement Procedures Act
  • Regulation AA – Unfair or Deceptive Acts and Practices
  • FDIC Advertisement of Membership

Panel Discussion – Embracing Opportunity Demands: Internal Audit Transformation
This will be a panel discussion that will focus on the trends of how internal audit is changing and where it is going in the future. This thought provoking conversation will have attendees thinking about how they can advance their department without breaking the budget. Specifically:

  • Understanding the need for change regardless of the size of the bank
  • Positioning internal audit as a leader in innovation
  • Adding value through resource development
  • Adopting and embracing internal audit process advancements


    Question and answer session will follow.


Essentials of Risk Management and Enterprise Risk Management
This training will discuss Enterprise Risk Management (ERM) and the related roles that Internal Audit plays in auditing that function. Specifically:

  • The separation of the second line and the third line of defense
  • ERM implementation and when to audit
  • Importance of Risk Appetite Statement
  • COSO’s ERM framework update
  • Risk culture
  • Auditing an ERM program
  • Including the Bank’s strategy when auditing the ERM function

Data Analytics
This training will highlight how data analytics is a key component driving internal audit, common types of data analytics utilized to evaluate internal controls for all Bank sizes, maturity levels of data analytics program and the future of data analytics in internal audit. Specifically, attendees will be able to:

  • Distinguish data analytics levels and maturity – from ad hoc to predictive analytics
  • Recognize the challenges internal audit encounters when commencing and/or progressing their analytics capabilities/functions
  • Explore how data analytics can highlight risks and answer any pressing questions
  • Gain insight in preparing today’s internal audit function for the future of big data, artificial intelligence and machine learning
  • Real life examples of using data analytics in internal audit will be discussed. 

Third Party Risk
This training will discuss third-party related risks as well as techniques that can be used by the Internal Audit function for effectively evaluating third-party risk. Specifically:

  • Understanding cyber-related incidents and contingency plan failures
  • Integrating vendor management oversight into critical bank processes
  • Evaluating the adequacy of third-party risk management

Control Design Evaluation and Operating Effectiveness
This training is designed to provide tools for re-evaluating key/significant controls or SOx/FDICIA program reviews. Internal audit is often asked to assist management in the evaluation and enhancements of key controls and this training will provide the tools to assist participants with this task.  Specifically:

  • Recognize key/significant controls and associated risks as part of the implementation phase;
  • Determine if current key controls are practical or applicable to the Bank size or environment
  • Effectively questioning control owners on the current key controls
  • Identifying control gaps
  • Design adequate test steps
  • Determine sample sizes
  • Evaluate roll forward and remediation requirements
  • Evaluate and communicate results