How to Respond to an Internal Control Failure

Getting audited is never an easy thing to go through, and failures within internal control can be crippling to an organization. But all findings in an audit are really about how to help improve a banking institution rather than hurt it. Findings in an audit are all helpful byproducts of the internal control failure process. What it comes down to is how a bank responds to these failures.

While it may be tempting to either not respond or respond with a defensive attitude, a bank’s leaders can band together to put the best foot forward and come out of this opportunity even better. While findings are public information, accepting responsibility and outlining a correct plan can save a bank’s reputation.

Getting Everything in Order

It’s always a good rule of thumb to not only have an action plan in place in case of audit findings, but also have a solid coverage plan lined up. Insurance for banks can make a huge difference in penalties and fees due to an audit’s fallout. Make sure to speak with an insurance broker who can help guide a banking institution through a trying time.

Typically audits find three common findings in internal control failures. These are findings related to deficiencies over financial reporting, single audit findings related to compliance requirements from funding, and a management letter that details concern. The latter is a private document that’s meant to offer advice for continuous improvement.

Corrective Action

The best thing to do is to own up to audit findings and craft an outlined plan that will help to move the business forward. This will show commitment to fixing the issue at hand. A corrective plan should pinpoint how the changes a team comes up with will help prevent future issues related to the audit’s original findings.

Altogether, a response should supply enough detail to earn the approval of those who it’s due to. Auditors will conduct follow-up procedures in the next audit period, so it’s hugely important to make sure solid steps have been taken to not repeat what’s happened before.

Disagreeing & Responding

Banking institutions do have the ability to not respond at all or respond in a much more aggressive tone. Either of these are not recommended as action needs to take place regardless. If a bank really does feel the audit is a mistake or the findings are not supported, they can cautiously disagree and request more explanation and overall proof related to the findings. Make sure to supply clear and specific evidence that a finding is not supported.

Finally, an institution does not in fact have to respond. But silence may not be viewed as the best remedy to a problem as this reflect poorly on a company’s stewardship and accountability.

About Financial Guaranty Insurance Brokers

Since 1983, Financial Guaranty Insurance Brokers has distinguished itself as a provider of Professional Liability, Cyber Liability, and Crime insurance products for entities of all types. To receive timely, personalized service from a knowledgeable and experienced staff, call us today at (626) 793-3330 to speak with one of our professionals.