Independent Audit

As part of its active oversight of the non-deposit investment program, the Board should require - and review the results of - an independent audit. The independent audit should be conducted at least annually. As with the BSA independent audit, the NDIP audit should be conducted by personnel that are truly independent of the product. "Independent" means someone who is not connected to the program The audit must be conducted by someone who is not motivated to benefit from the sale of the product. Thus, the best candidates for this audit are the internal auditor, the compliance department (if not involved in the program) or an outside auditor. The FDIC's examination procedures include a list of what the independent audit should cover.

Consumer complaints
The independent audit should also review any complaints the bank or third party vendor has received about the program. The audit should carefully look at how the bank has responded to and resolved complaints it receives.

The complaints should also be reviewed to determine whether there is any indication in the complaints of a pattern that results from a weakness in the program. For example, if customers complain that they didn't understand the nature of the product, the disclosure practices should be reviewed and tested. If the complaints indicate that the consumers didn't understand that certificates of deposit were also available, the bank should review referral practices as well as disclosure practices.

Exception reports and sales reports
The independent audit should review and evaluate the exception reports that monitor sales and the performance of any sales representatives. Here, the independent auditor should look for the substance of the reports and any problematical patterns that the reports may reveal. But most important, the auditor should evaluate the way in which the bank and the third party broker/dealer uses the reports. For example, if the reports indicate a possible problem, the auditor should determine whether the bank identified the problem and responded to it.

Sales representative turnover
High turnover patterns among sales representatives raise several possible concerns. First, training. With high turnover, it is difficult to maintain the training and qualifications levels needed for the program. Second, high turnover may cause poor communications between bank employees and broker/dealers or sales representatives. This type of problem can cause profitability and suitability problems throughout the program.

Redemption patterns
A review of customer redemption patterns should indicate the level of customer satisfaction with the product. Any unusual pattern of redemptions may be the result of inappropriate sales practices. It could also be the result of a threatened drop in the market. The independent audit should evaluate these patterns and try to determine the cause.

File review
The independent audit should include a review of a sample of customer files. In this phase, the auditor is evaluating the effectiveness of the bank's disclosures, customer communication, suitability determinations, and program activity. A good review of customer files by the independent auditor will be used by the examiner - who may never look at customer files.

Customer interviews
Sometimes the only way to determine what happened is to talk to the customer. Thus, the FDIC recommends that the independent audit include customer interviews. This means calling a sample of customers and asking them about the transaction. It's sort of after-the-fact mystery shopping. But this phase also measures not only how well the consumer understood the disclosures at the time of the purchase but also how well the consumer remembers them.

Quality testing
Some banks, especially those that maintain a large-scale non-deposit investment program, should also conduct quality testing or mystery shopping. This involves hiring contractors to pose as customers and report precisely how their questions are answered and what information they are given.

Third party agreement
Where the bank uses a third party vendor, the independent audit must include a careful review of the agreement. The auditor should determine whether all the required elements are in the agreement and whether the agreement is being followed.

Source material
An excellent guide for the independent audit is the FDIC examination procedures. Even if your bank is not regulated by FDIC, the examination procedures are a good model to follow. The auditor can adapt the procedures to the bank's situation. In particular, it might be useful to take into account known strengths and weaknesses of the program in determining how to spend time.

Examiners will start with the independent review and take the examination from there. A high quality independent review with clear, written findings can significantly shorten your examination. The steps outlined above are not all mandatory. Selection of which steps to include and to what extend should be made based on the circumstances of the bank and the bank's program. The more complex the program, the more complex the bank's market, the more steps should be included.

ACTION STEPS

Determine who should conduct your third party audit. Find a bank employee who is capable of conducting the audit and is truly independent from the program or use an outside auditor.
Sit down with your broker/dealer or sales staff. Discuss the scope of the program and any concerns they have. Use this information to determine the scope of an independent audit.
Schedule an independent audit.
Also schedule a meeting with the Board's audit committee and/or the Board to discuss the audit findings. This is also an opportunity to remind them of their responsibilities for the program.
Conduct the independent audit using agency examination procedures as a guide. Be sure to review the documentation - including all customer complaints - that the examiners review.