CMS Case Study

C loyd Bank and Trust Risk Assessment Summary 2020-2021

Audit Area:

Deposits

Definition (score range)

Risk Factor

Score

High (21-30)

Moderate (11-20)

Low (0-10)

Rationale

The deposit operations function is subject to significant regulatory compliance, including Regulations D, E, J, CC, DD, and GG as well as state laws (i.e. unclaimed property). The most recent internal audit resulted in three recommendations related to regulatory requirements. The most recent deposit compliance audit resulted in nine recommendations.

Regulatory requirements are limited to low-profile regulations and law issues that warrant action but have significantly lower levels of risk. Impact on accurate timely financial reporting is minimal. Likelihood of material financial reporting effect is negligible.

Significant regulatory requirements are evident; however, regulatory expectations are clear, seasoned, and considered routine. Violations if any will be technical in nature. Material financial effect is possible; however, activity is routine and noncomplex and errors would be readily evident in normal operations. Seasoned and complex manual or automated systems are important to management decision making or product delivery; however, collaborating or alternative back-up systems exist. There is no basis for control assessment, or they are thought to be weak.

Potential violations of high profile regulations with potential fines, legal liability or costly corrective action are possible. Material financial misstatement is possible due to incorrect handling of infrequent, complex transactions or estimates. Critical management decisions may be based on these financial areas. Complex manual or automated systems are new, critical to management

Compliance

21

The nature of transactions is such that significant errors could result in a material effect on the financial statements. However, the processing of deposit transactions is predominantly routine and automated.

Nature of Transactions

15

Noncomplex systems and operations are seasoned, with well established back up routines.

The processing of deposit transactions is predominantly routine and automated. Members of management possess a broad base of knowledge of the deposit operations function, as well as the banking industry, in general. Control activities have been implemented over deposit operations, and employees receive adequate training for their job functions.

Nature of Operations

18

decision making, or important to product delivery.

Controls are nonexistent or known to be weak.

Controls are strong or adequate.

Multiple policies & procedures related to the deposits function are in place. The most recent internal audit of deposit operations resulted in four recommendations and the deposit compliance audit resulted in nine recommendations.

Internal Controls

21

Changes to systems, processes, or procedures

Major changes since last audit are anticipated this year or not recently reviewed. Management lacks experience or places low priority on internal controls.

Minor changes since last audit are anticipated this year.

No changes since last audit are planned this year.

The Bank experienced significant growth in deposit accounts in 2020, Deposit Operations is responsible for supporting the increase in accounts. No changes to the deposit process or deposit services in the past 12 months and none are currently scheduled for the next 12 months.

9

Management has average experience.

Management is experienced and has high priority on controls.

Members of management have achieved their positions within the Bank because of their level of knowledge, demonstrated skills, and experience within the banking industry. A strong emphasis is placed on maintaining a sound control environment.

Management

8

92

Risk Score

- 9 -