IT Examiner School, Seaside, CA

Assess Wire and ACH Activities

Step 2: Evaluate audit coverage by:

• Reviewing the audit risk assessment, audit plan, audit policies and procedures, etc.

• Reviewing the available reports for thoroughness. --general significance of audit findings

--is the scope and frequency of the ACH and wire audit coverage sufficient and based on the risk? --have findings been addressed by management?

• ODFIs are required to conduct an annual audit of their compliance with the NACHA Operating Rules.

Assess Wire and ACH Activities

Step 3: Evaluate policies and procedures: – Credit standards for intra-day overdrafts of ACH or wire transfer originations – Handling rejected/holdover transactions – Separation of duties – Daily balancing of accounts and transactions – ACH customer approval process, establishment of limits – Validation of wire requests through call-backs or other established authentication procedures – Incident response guidelines – Implementation of a comprehensive DR/BCP – OFAC policies and procedures (may be addressed only in BSA)