United States

Internal audit outsourcing, streamlined processes encourage bank growth


Download a PDF of this success story


Investors Bank is a financial institution serving the banking needs of customers in New York and New Jersey since 1926. Investors is a public company, structured as a mutual holding company, with a minority of shares publicly held. The bank has over $12 billion in assets and a network of over 100 branches.


Investors Bank is a well-established institution with historically low staff turnover. However, Investors was forced to re-evaluate its operations after its head of internal audit became ill, and consequently, complaints began to surface about the audit department’s effectiveness.

To address these issues and get the most of its internal audit investment, bank management sought an outside advisor. The bank was spending a significant amount of money, while not seeing the appropriate value, and also anticipated that regulators would be more stringent moving forward. Management desired a more proactive and efficient internal audit, more cost-effectiveness overall, and assistance in alleviating its audit department issues.


Investors Bank chose RSM to outsource its internal audit function, based on the experience and industry knowledge of the engagement team. RSM re-engineered Investors’ audit department to satisfy the desire for increased effectiveness and better information to meet management needs. After a successful first year, the project grew to include Sarbanes-Oxley testing and a wide range of special projects.

A strong relationship has developed that has helped the bank grow. When the engagement began in 2011, Investors Bank had $6 billion in assets; by the end of 2013, bank management projects will exceed $15 billion. Due to the success of past projects, RSM’s credibility and the strength of the relationship, additional services have been consistently added.

Since the beginning of the internal audit engagement, the bank has completed at least five acquisitions. Investors Bank has not experienced any significant integration problems, as RSM has actively participated in assimilating new institutions, from performing counts to evaluating software capabilities. The team helped bring together disparate corporate cultures and control structures from nearly 10 institutions to help form one cohesive workforce.

RSM met with management of the acquired banks to discuss the role of internal audit, expectations of Investors Bank management, and more importantly, to establish a consultative relationship. As a result, when new bank employees have issues, they come to RSM first, because that is the best and easiest way to alleviate concerns.

For example, if a mistake is made, it is evaluated in a politically and professionally appropriate manner, so everybody is prepared for and agrees with the resolution. More importantly, the team routinely meets with employees at all levels, whether board or staff members, to communicate timely information and provide advice.

RSM has also been asked to perform special reviews related to new regulatory requirements, best practices and industry memberships. One of these requirements was a quality assurance review of their mortgage electronic registry system (MERS). The bank did not have sufficient knowledge in-house, so RSM performed the review, and has continued to do so annually.

Another critical project was a comprehensive review of the bank’s entire credit processes. The RSM team evaluated and updated bank policies and procedures, while determining what needed to be expanded upon or contracted. The team was also tasked with integrating Investors’ internal audit, enterprise risk management, SOX and fiduciary requirements into one seamless process. This project has significantly increased the efficiency of the bank’s operations.

RSM has developed a strong relationship with the institution’s audit committee. Most of the committee has been in place for an extended period of time, and the RSM team provided extensive knowledge of the inner workings of their department. At the outset of the engagement, an extensive risk assessment document was prepared, displaying a thorough understanding of bank operations and potential areas of concern. The assessment set the stage for a growing professional and consultative relationship between RSM and Investors Bank.

When RSM took over the internal audit function, Investors Bank had six internal auditors. Considering salary, benefits and occupancy, the first-year annual fee was substantially less than the bank’s payroll for the audit function. The cost savings and higher-quality performance have been incredibly positive for the institution.

RSM’s positive relationship with regulators is also of significant benefit, as the team is viewed more favorably and independently than an in-house internal audit function. In today’s tough compliance climate, keeping regulators satisfied is of utmost importance. That is the most significant positive outcome Investors Bank is experiencing through its growing relationship with RSM.


As a result of this engagement, Investors Bank has a stronger internal audit framework, and has prepared for growth through a series of important projects. The scope of work grows with each successive year, integrating new acquisitions, satisfying emerging legislative and regulatory demands and streamlining operations. RSM has demonstrated a deep understanding of the bank’s operations and its needs, leading to years of success, and positioning the institution for further growth.

  • Other benefits of RSM’s service to Investors Bank include:
  • Significant cost savings and improved performance through internal audit outsourcing
  • Revamped credit processes, including updated policies and procedures
  • Seamless assimilation of acquired banks
  • Integrated internal audit, enterprise risk management, Sarbanes-Oxley and fiduciary processes
  • Stronger relationships with regulators

How can we help you?

Contact us by phone 800.274.3978 or
submit your questions, comments, or proposal requests.

Receive Risk Bulletin by Email


Cybersecurity Rapid Assessment®

Complete our Cybersecurity Rapid Assessment form to be contacted about receiving our "quick-hit" evaluation of your organization’s overall security risk.