Industry · 01/05
Community banks.
Examined by the OCC, the FDIC, or state regulators. Capital, credit, BSA/AML, IT, and operational risk under continuous scrutiny.
Examined by the OCC, the FDIC, or state regulators. Capital, credit, BSA/AML, IT, and operational risk under continuous scrutiny.
A community bank's examination cycle does not pause.
Community banks — typically under $10 billion in assets — operate inside the same regulatory perimeter as their largest peers, with a fraction of the headcount to meet it. The BSA officer is also the compliance officer. The IT risk officer is also the CISO. The internal audit function is one person, two if the bank is lucky, and the examination cycle never pauses long enough to catch up.
Our practice is built for the institution that needs senior judgment without a senior headcount line item. We co-source or fully outsource the functions that benefit from specialization (internal audit, IT audit, model validation, AML), we run examination-readiness work on a cadence that matches the regulator's, and we write findings for the audit committee in language that does not require a translator.
The math of community banking is unforgiving. A finding in October is a budget conversation in November and a personnel decision in January. We come in early so the conversation in January is about something else.
The bank's BSA examination produced a Matter Requiring Attention for inadequate tuning of its transaction monitoring system. The MRA cited a 2017 calibration that had never been refreshed, a below-the-line testing program that had stopped running, and an alert-to-SAR conversion rate that the examiner found 'inconsistent with the institution's risk profile.' We were brought in by the CRO three weeks after the exit conference. Edgar led the engagement.