CMS Case Study

C loyd Bank and Trust Risk Assessment Summary 2020-2021

Audit Area

Wire Transfers

Definition (score range)

Risk Factor

Score

High (21-30)

Moderate (11-20)

Low (0-10)

Rationale

A substantial level of compliance is required with regard to wire transfers. Personnel with responsibilities in this function are experienced and receive regular training on compliance issues. There are additional new compliance regulations for foreign remittances if the Bank has 100 or more of these transactions. In 2020, the Bank had approximately 30 foreign remittances. The Bank's Compliance Department is actively monitoring the number of foreign remittances as the Bank grows. Wire transfers pose a risk due to their electronic nature and the potential for loss due to unauthorized activity. Additionally, the volume and aggregate dollar amounts of these transactions increase this risk. Control activities such as wire agreements, dual approval of each wire transfer, and policies prohibiting wire transfers for non-customers are in place. On a daily basis, the wire function is reconciled.

Regulatory requirements are limited to low-profile regulations and law issues that warrant action but have significantly lower levels of risk. Impact on accurate timely financial reporting is minimal. Likelihood of material financial reporting effect is negligible.

Significant regulatory requirements are evident; however, regulatory expectations are clear, seasoned, and considered routine. Violations if any will be technical in nature. Material financial effect is possible; however, activity is routine and noncomplex and errors would be readily evident in normal operations. Seasoned and complex manual or automated systems are important to management decision making or product delivery; however, collaborating or alternative back-up systems exist. There is no basis for control assessment, or they are thought to be weak. Minor changes since last audit are anticipated this year.

Potential violations of high profile regulations with potential fines, legal liability or costly corrective action are possible. Material financial misstatement is possible due to incorrect handling of infrequent, complex transactions or estimates. Critical management decisions may be based on these financial areas. Complex manual or automated systems are new, critical to management

Compliance

19

Nature of Transactions

21

Noncomplex systems and operations are seasoned, with well established back up routines.

The Bank utilizes a wire transfer system (Converge by CenterState). System access is limited and roles are assigned based on job function. Employees with responsibility in this area possess appropriate knowledge, skills, and abilities with regard to wire transfers. However, the wire transfer process has manual components which increase the risk of loss.

Nature of Operations

19

decision making, or important to product delivery.

Controls are nonexistent or known to be weak.

Controls are strong or adequate.

The Bank has a wire transfer policy and corresponding procedures in place. The most recent FDIC Safety and Soundness Examination (January 2019) resulted in one finding. The most recent internal audit (noted as part of the Electronic Banking Audit) resulted in one recommendation.

Internal Controls

13

No changes since last audit are planned this year.

There are no anticipated changes within the next 12 months.

Major changes since last audit are anticipated this year or not recently reviewed. Management lacks experience or places low priority on internal controls.

Changes to systems, processes, or procedures

10

Management has average experience.

Management is experienced and has high priority on controls.

Members of wire management (Deposit Operations) have achieved their positions within the Bank because of their level of knowledge, demonstrated skills, and experience within the banking industry. A strong emphasis is placed on maintaining a sound control environment.

Management

10

92

Risk Score

- 13 -