Financial Institution Internal Audits

Flexible outsourcing and co-sourcing solutions to meet your strategic needs.

Increasing demands from regulatory agencies, combined with ongoing negative public perceptions of the finance industry, have put financial institutions under more scrutiny than ever before. In particular, regulatory agencies are devoting more attention to the quality and competency of the internal audit function. In addition, external financial statement auditing firms continue to place greater demands on the internal audit function to produce reliable testing programs that they can rely on. These factors have caused small and large financial institutions to re-evaluate their internal audit priorities and seek economical methods to carry out their risk-based audit objectives while at the same time controlling costs and improving efficiencies.

Adding to these challenges is the fact that many financial institutions have been forced to reduce staff to remain competitive. While cost-cutting can help meet short-term financial goals, internal audit staffing shortages and gaps in expertise can present serious unintended consequences for the internal audit function. Material weaknesses in processes, controls and efficiencies can go unnoticed in areas such as operations, financial reporting, credit quality, information security and regulatory compliance. If left undetected, these weaknesses can become ticking time bombs―just waiting to surface at the most inopportune time.

To align their organizations' goals for success, maintain compliance and control costs, many financial institutions have sought advice from RSM to design custom internal audit solutions to complement their internal resources in a flexible manner.

Our internal auditing solutions - designed specifically for financial institutions - create a flexible, experienced extension of your workforce

At times like these, you need an efficient and cost-effective way to anticipate, evaluate and mitigate risks. You also need to meet regulatory expectations and achieve your business goals. With RSM's help, you can do both - by borrowing experienced resources with the industry knowledge you need at the right time to meet most any business need. Our solutions include:

  • Internal Audit Outsourcing―based on your unique operating structure and risks, we'll perform an enterprise-wide risk assessment and prepare an internal audit plan for your approval. Under the oversight of your appointed company executive, RSM can then provide an integrated one-stop solution for all your risk advisory needs, delivering consistent oversight, execution, methodology and reporting. Since the plan is risk-based, we can align our resources in a prioritized approach based upon your tolerance for risk and budgetary goals.
  • Co-Sourcing/Partnering―you retain management of your internal audit program and allow our specialists to supplement gaps in expertise, complete unplanned special projects or fill temporary internal audit staffing shortages to keep your audit plan on track. This approach allows you to "borrow" expertise to complement your internal resources while benefiting from the best practices we have gained at a diverse range of financial institutions.
  • Staff Augmentation―you have access to RSM's resources on demand to complement your internal staff and control fixed overhead costs. This gives you the flexibility to meet peak demand and avoid the overhead costs attributable to full-time employees that may sit idle during slow points in your annual internal audit cycle. Borrow as much or as little assistance as you need to meet your annual internal audit plan.

With RSM, you can supplement your internal resources with dedicated industry specialists prepared to share internal audit best practices in:

  • Enterprise Risk Management
  • Operational Controls – departments, functions or processes
  • Credit Risk Advisory – credit administration and loan quality review
  • Regulatory Compliance
  • Bank Secrecy Act / Anti-Money Laundering
  • Sarbanes-Oxley and FDICIA Compliance
  • Information Technology Controls and Governance
  • Security and Privacy
  • Directors' and Supervisory Committee Examinations
  • CFPB Preparedness Assessments
  • Regulatory Response and Remediation Teams
  • FDIC Loss Share Assistance
  • Mergers and Acquisitions Support

RSM professionals know that helping you meet your basic internal audit and compliance responsibilities is not enough. Our goal is to help you transform your approach to emerging risks by delivering the thought leadership and advice that creates lasting value for your organization.


Our professionals work closely with nearly 2,000 financial institutions of all sizes and complexity across the country and globally. Whether you have a single location, or interests that cross state or international borders, you deserve the attention of professionals who understand your industry and the challenging environment in which you operate every day. At RSM, we get it because we specialize in serving financial institutions like yours.

Our firm's size and volume of work enable us to provide you with industry specialists rather than generalists. You won't have to train our professionals on your business model. RSM clients value the depth and breadth of our professionals' experience—experience gained as financial institution executives, banking regulators, internal auditors, information technology specialists and accounting professionals.

Over the years, we've developed a solid reputation as trusted advisors and thought leaders by consistently delivering proven professionals who understand your operating environment and offer timely and constructive solutions to your most pressing business needs. Did we mention our clients also give us high marks in responsiveness and client service?

Time to think more creatively?

Isn't it time to think more creatively about how to align your internal audit approach with your strategic business objectives? If so, it's time for RSM—give us a call.

How can we help you?

Contact us by phone 800.274.3978 or
submit your questions, comments, or proposal requests.


Complete our Cybersecurity Rapid Assessment form to be contacted about receiving our "quick-hit" evaluation of your organization’s overall security risk.

Learn more