Why it mattersProvides larger organizations certain competitive advantages such as the ability to invest in technology to attract millennial members supply relationship pricing to loyal members amp minimize regulatory expense impact
copy Doeren Mayhew All rights reservedStrategic Advisory
CU Industry Merger Rationale ndash Quantitative 12
Loans Shares Ratios
ROA
Operating Expense Ratio
Return of the Member
Annualized DividendsShares
Member Value Credit Union ValueEmployee Value
Callahan amp Associates Return on Member represents Return to Savers Return to Borrowers Member Service Usage formulas Credit unions with a score of 100 are considered leaders in providing services to their members
copy Doeren Mayhew All rights reservedStrategic Advisory
069
046 043
Small Credit Unions(Under $115M)
Average Large Credit Unions(Over $1B)
13
Source CUNA Summary of Cornerstone Advisors 2017 Study
Current Industry Merger Rationale - Quantitative
Regulatory Burden Financial Impact
75
23
2
$61 BILLIONTotal Industry
Regulatory Costs
Staff CostsIncluding risk management member-facing and support
employees
3rd Party Expenses
Including compliance technology legal and
training
Depreciation of Capitalized Expenses
Including technology investments
Small Credit Unions Bear the Brunt of Regulatory Burden
bull 1 out of every 5 employeersquos spent time on regulatory compliance (note from 2014 to 2016 CUNA saw an additional 135 employees needed for regulatory requirements)
bull Total Credit Union regulatory burden dollars saw a $800 million (151) two-year increase
bull Total Credit Union regulatory burden dollars translate to $115 per CU household
copy Doeren Mayhew All rights reservedStrategic Advisory
14Current Industry Merger Rationale - Qualitative
Member Benefitsbull Convenience Increase member access points and extend geographical coveragebull Price Opportunity for competitive ratesbull Products amp Services Improved products and servicesbull Familiarity Same recognizable credit union experience
Credit Union Benefitsbull Operating efficiencies via combined systems and support networksbull Greater presencebull Increased lending opportunitiesbull Further diversification of demand product and servicesbull Larger asset and capital base bull Improved succession planning
copy Doeren Mayhew All rights reservedStrategic Advisory
bull Credit unions saw a charter type shift over the past 15 years mainly due to merger activity and general credit union affinity of a community charter
Why it mattersThe conversion from a common bond charter to a community charter forced credit unions to compete with other types of financial institutions for members
15
57
43
Single Common Bond Community amp Other
17
83
Credit Unions in 1990 Credit Unions in 2014
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Article ndash Field of Membership A 25 Year Evolution
copy Doeren Mayhew All rights reservedStrategic Advisory
16Current Industry Merger Rationale - Qualitative
Why do smaller credit unions strugglebull Difficult to establish sustainabilitybull Regulatory and compliance costs are much heavier burden for smaller organizationsbull Financial institutions required 135 employees on average to manage new regulations
in Q1 2015 according to the 2015 Bank Compliance Indexbull Inability to offer and price competitive products and servicesbull Less capital to invest in technology
ldquoA good merger solves two problems It puts a small credit union out of its pain and it enables a larger credit union to grow by delivering members who are already sold on the credit union differencerdquo Robert McGarvey ndash Mergers Will Continue to Cull Small Credit Unions From Herd (2013)
copy Doeren Mayhew All rights reservedStrategic Advisory
17Current Industry Merger Rationale - Qualitative
bull Economies of scale will allow for additional investments in technology to attract millennials
bull Younger generations demand modern technological delivery channels and obtaining their business is vital for credit unions to continue viability and marketplace relevance
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
Why it mattersProvides larger organizations certain competitive advantages such as the ability to invest in technology to attract millennial members supply relationship pricing to loyal members amp minimize regulatory expense impact
copy Doeren Mayhew All rights reservedStrategic Advisory
CU Industry Merger Rationale ndash Quantitative 12
Loans Shares Ratios
ROA
Operating Expense Ratio
Return of the Member
Annualized DividendsShares
Member Value Credit Union ValueEmployee Value
Callahan amp Associates Return on Member represents Return to Savers Return to Borrowers Member Service Usage formulas Credit unions with a score of 100 are considered leaders in providing services to their members
copy Doeren Mayhew All rights reservedStrategic Advisory
069
046 043
Small Credit Unions(Under $115M)
Average Large Credit Unions(Over $1B)
13
Source CUNA Summary of Cornerstone Advisors 2017 Study
Current Industry Merger Rationale - Quantitative
Regulatory Burden Financial Impact
75
23
2
$61 BILLIONTotal Industry
Regulatory Costs
Staff CostsIncluding risk management member-facing and support
employees
3rd Party Expenses
Including compliance technology legal and
training
Depreciation of Capitalized Expenses
Including technology investments
Small Credit Unions Bear the Brunt of Regulatory Burden
bull 1 out of every 5 employeersquos spent time on regulatory compliance (note from 2014 to 2016 CUNA saw an additional 135 employees needed for regulatory requirements)
bull Total Credit Union regulatory burden dollars saw a $800 million (151) two-year increase
bull Total Credit Union regulatory burden dollars translate to $115 per CU household
copy Doeren Mayhew All rights reservedStrategic Advisory
14Current Industry Merger Rationale - Qualitative
Member Benefitsbull Convenience Increase member access points and extend geographical coveragebull Price Opportunity for competitive ratesbull Products amp Services Improved products and servicesbull Familiarity Same recognizable credit union experience
Credit Union Benefitsbull Operating efficiencies via combined systems and support networksbull Greater presencebull Increased lending opportunitiesbull Further diversification of demand product and servicesbull Larger asset and capital base bull Improved succession planning
copy Doeren Mayhew All rights reservedStrategic Advisory
bull Credit unions saw a charter type shift over the past 15 years mainly due to merger activity and general credit union affinity of a community charter
Why it mattersThe conversion from a common bond charter to a community charter forced credit unions to compete with other types of financial institutions for members
15
57
43
Single Common Bond Community amp Other
17
83
Credit Unions in 1990 Credit Unions in 2014
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Article ndash Field of Membership A 25 Year Evolution
copy Doeren Mayhew All rights reservedStrategic Advisory
16Current Industry Merger Rationale - Qualitative
Why do smaller credit unions strugglebull Difficult to establish sustainabilitybull Regulatory and compliance costs are much heavier burden for smaller organizationsbull Financial institutions required 135 employees on average to manage new regulations
in Q1 2015 according to the 2015 Bank Compliance Indexbull Inability to offer and price competitive products and servicesbull Less capital to invest in technology
ldquoA good merger solves two problems It puts a small credit union out of its pain and it enables a larger credit union to grow by delivering members who are already sold on the credit union differencerdquo Robert McGarvey ndash Mergers Will Continue to Cull Small Credit Unions From Herd (2013)
copy Doeren Mayhew All rights reservedStrategic Advisory
17Current Industry Merger Rationale - Qualitative
bull Economies of scale will allow for additional investments in technology to attract millennials
bull Younger generations demand modern technological delivery channels and obtaining their business is vital for credit unions to continue viability and marketplace relevance
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
Why it mattersProvides larger organizations certain competitive advantages such as the ability to invest in technology to attract millennial members supply relationship pricing to loyal members amp minimize regulatory expense impact
copy Doeren Mayhew All rights reservedStrategic Advisory
CU Industry Merger Rationale ndash Quantitative 12
Loans Shares Ratios
ROA
Operating Expense Ratio
Return of the Member
Annualized DividendsShares
Member Value Credit Union ValueEmployee Value
Callahan amp Associates Return on Member represents Return to Savers Return to Borrowers Member Service Usage formulas Credit unions with a score of 100 are considered leaders in providing services to their members
copy Doeren Mayhew All rights reservedStrategic Advisory
069
046 043
Small Credit Unions(Under $115M)
Average Large Credit Unions(Over $1B)
13
Source CUNA Summary of Cornerstone Advisors 2017 Study
Current Industry Merger Rationale - Quantitative
Regulatory Burden Financial Impact
75
23
2
$61 BILLIONTotal Industry
Regulatory Costs
Staff CostsIncluding risk management member-facing and support
employees
3rd Party Expenses
Including compliance technology legal and
training
Depreciation of Capitalized Expenses
Including technology investments
Small Credit Unions Bear the Brunt of Regulatory Burden
bull 1 out of every 5 employeersquos spent time on regulatory compliance (note from 2014 to 2016 CUNA saw an additional 135 employees needed for regulatory requirements)
bull Total Credit Union regulatory burden dollars saw a $800 million (151) two-year increase
bull Total Credit Union regulatory burden dollars translate to $115 per CU household
copy Doeren Mayhew All rights reservedStrategic Advisory
14Current Industry Merger Rationale - Qualitative
Member Benefitsbull Convenience Increase member access points and extend geographical coveragebull Price Opportunity for competitive ratesbull Products amp Services Improved products and servicesbull Familiarity Same recognizable credit union experience
Credit Union Benefitsbull Operating efficiencies via combined systems and support networksbull Greater presencebull Increased lending opportunitiesbull Further diversification of demand product and servicesbull Larger asset and capital base bull Improved succession planning
copy Doeren Mayhew All rights reservedStrategic Advisory
bull Credit unions saw a charter type shift over the past 15 years mainly due to merger activity and general credit union affinity of a community charter
Why it mattersThe conversion from a common bond charter to a community charter forced credit unions to compete with other types of financial institutions for members
15
57
43
Single Common Bond Community amp Other
17
83
Credit Unions in 1990 Credit Unions in 2014
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Article ndash Field of Membership A 25 Year Evolution
copy Doeren Mayhew All rights reservedStrategic Advisory
16Current Industry Merger Rationale - Qualitative
Why do smaller credit unions strugglebull Difficult to establish sustainabilitybull Regulatory and compliance costs are much heavier burden for smaller organizationsbull Financial institutions required 135 employees on average to manage new regulations
in Q1 2015 according to the 2015 Bank Compliance Indexbull Inability to offer and price competitive products and servicesbull Less capital to invest in technology
ldquoA good merger solves two problems It puts a small credit union out of its pain and it enables a larger credit union to grow by delivering members who are already sold on the credit union differencerdquo Robert McGarvey ndash Mergers Will Continue to Cull Small Credit Unions From Herd (2013)
copy Doeren Mayhew All rights reservedStrategic Advisory
17Current Industry Merger Rationale - Qualitative
bull Economies of scale will allow for additional investments in technology to attract millennials
bull Younger generations demand modern technological delivery channels and obtaining their business is vital for credit unions to continue viability and marketplace relevance
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
Why it mattersProvides larger organizations certain competitive advantages such as the ability to invest in technology to attract millennial members supply relationship pricing to loyal members amp minimize regulatory expense impact
copy Doeren Mayhew All rights reservedStrategic Advisory
CU Industry Merger Rationale ndash Quantitative 12
Loans Shares Ratios
ROA
Operating Expense Ratio
Return of the Member
Annualized DividendsShares
Member Value Credit Union ValueEmployee Value
Callahan amp Associates Return on Member represents Return to Savers Return to Borrowers Member Service Usage formulas Credit unions with a score of 100 are considered leaders in providing services to their members
copy Doeren Mayhew All rights reservedStrategic Advisory
069
046 043
Small Credit Unions(Under $115M)
Average Large Credit Unions(Over $1B)
13
Source CUNA Summary of Cornerstone Advisors 2017 Study
Current Industry Merger Rationale - Quantitative
Regulatory Burden Financial Impact
75
23
2
$61 BILLIONTotal Industry
Regulatory Costs
Staff CostsIncluding risk management member-facing and support
employees
3rd Party Expenses
Including compliance technology legal and
training
Depreciation of Capitalized Expenses
Including technology investments
Small Credit Unions Bear the Brunt of Regulatory Burden
bull 1 out of every 5 employeersquos spent time on regulatory compliance (note from 2014 to 2016 CUNA saw an additional 135 employees needed for regulatory requirements)
bull Total Credit Union regulatory burden dollars saw a $800 million (151) two-year increase
bull Total Credit Union regulatory burden dollars translate to $115 per CU household
copy Doeren Mayhew All rights reservedStrategic Advisory
14Current Industry Merger Rationale - Qualitative
Member Benefitsbull Convenience Increase member access points and extend geographical coveragebull Price Opportunity for competitive ratesbull Products amp Services Improved products and servicesbull Familiarity Same recognizable credit union experience
Credit Union Benefitsbull Operating efficiencies via combined systems and support networksbull Greater presencebull Increased lending opportunitiesbull Further diversification of demand product and servicesbull Larger asset and capital base bull Improved succession planning
copy Doeren Mayhew All rights reservedStrategic Advisory
bull Credit unions saw a charter type shift over the past 15 years mainly due to merger activity and general credit union affinity of a community charter
Why it mattersThe conversion from a common bond charter to a community charter forced credit unions to compete with other types of financial institutions for members
15
57
43
Single Common Bond Community amp Other
17
83
Credit Unions in 1990 Credit Unions in 2014
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Article ndash Field of Membership A 25 Year Evolution
copy Doeren Mayhew All rights reservedStrategic Advisory
16Current Industry Merger Rationale - Qualitative
Why do smaller credit unions strugglebull Difficult to establish sustainabilitybull Regulatory and compliance costs are much heavier burden for smaller organizationsbull Financial institutions required 135 employees on average to manage new regulations
in Q1 2015 according to the 2015 Bank Compliance Indexbull Inability to offer and price competitive products and servicesbull Less capital to invest in technology
ldquoA good merger solves two problems It puts a small credit union out of its pain and it enables a larger credit union to grow by delivering members who are already sold on the credit union differencerdquo Robert McGarvey ndash Mergers Will Continue to Cull Small Credit Unions From Herd (2013)
copy Doeren Mayhew All rights reservedStrategic Advisory
17Current Industry Merger Rationale - Qualitative
bull Economies of scale will allow for additional investments in technology to attract millennials
bull Younger generations demand modern technological delivery channels and obtaining their business is vital for credit unions to continue viability and marketplace relevance
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
Why it mattersProvides larger organizations certain competitive advantages such as the ability to invest in technology to attract millennial members supply relationship pricing to loyal members amp minimize regulatory expense impact
copy Doeren Mayhew All rights reservedStrategic Advisory
CU Industry Merger Rationale ndash Quantitative 12
Loans Shares Ratios
ROA
Operating Expense Ratio
Return of the Member
Annualized DividendsShares
Member Value Credit Union ValueEmployee Value
Callahan amp Associates Return on Member represents Return to Savers Return to Borrowers Member Service Usage formulas Credit unions with a score of 100 are considered leaders in providing services to their members
copy Doeren Mayhew All rights reservedStrategic Advisory
069
046 043
Small Credit Unions(Under $115M)
Average Large Credit Unions(Over $1B)
13
Source CUNA Summary of Cornerstone Advisors 2017 Study
Current Industry Merger Rationale - Quantitative
Regulatory Burden Financial Impact
75
23
2
$61 BILLIONTotal Industry
Regulatory Costs
Staff CostsIncluding risk management member-facing and support
employees
3rd Party Expenses
Including compliance technology legal and
training
Depreciation of Capitalized Expenses
Including technology investments
Small Credit Unions Bear the Brunt of Regulatory Burden
bull 1 out of every 5 employeersquos spent time on regulatory compliance (note from 2014 to 2016 CUNA saw an additional 135 employees needed for regulatory requirements)
bull Total Credit Union regulatory burden dollars saw a $800 million (151) two-year increase
bull Total Credit Union regulatory burden dollars translate to $115 per CU household
copy Doeren Mayhew All rights reservedStrategic Advisory
14Current Industry Merger Rationale - Qualitative
Member Benefitsbull Convenience Increase member access points and extend geographical coveragebull Price Opportunity for competitive ratesbull Products amp Services Improved products and servicesbull Familiarity Same recognizable credit union experience
Credit Union Benefitsbull Operating efficiencies via combined systems and support networksbull Greater presencebull Increased lending opportunitiesbull Further diversification of demand product and servicesbull Larger asset and capital base bull Improved succession planning
copy Doeren Mayhew All rights reservedStrategic Advisory
bull Credit unions saw a charter type shift over the past 15 years mainly due to merger activity and general credit union affinity of a community charter
Why it mattersThe conversion from a common bond charter to a community charter forced credit unions to compete with other types of financial institutions for members
15
57
43
Single Common Bond Community amp Other
17
83
Credit Unions in 1990 Credit Unions in 2014
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Article ndash Field of Membership A 25 Year Evolution
copy Doeren Mayhew All rights reservedStrategic Advisory
16Current Industry Merger Rationale - Qualitative
Why do smaller credit unions strugglebull Difficult to establish sustainabilitybull Regulatory and compliance costs are much heavier burden for smaller organizationsbull Financial institutions required 135 employees on average to manage new regulations
in Q1 2015 according to the 2015 Bank Compliance Indexbull Inability to offer and price competitive products and servicesbull Less capital to invest in technology
ldquoA good merger solves two problems It puts a small credit union out of its pain and it enables a larger credit union to grow by delivering members who are already sold on the credit union differencerdquo Robert McGarvey ndash Mergers Will Continue to Cull Small Credit Unions From Herd (2013)
copy Doeren Mayhew All rights reservedStrategic Advisory
17Current Industry Merger Rationale - Qualitative
bull Economies of scale will allow for additional investments in technology to attract millennials
bull Younger generations demand modern technological delivery channels and obtaining their business is vital for credit unions to continue viability and marketplace relevance
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
Why it mattersProvides larger organizations certain competitive advantages such as the ability to invest in technology to attract millennial members supply relationship pricing to loyal members amp minimize regulatory expense impact
copy Doeren Mayhew All rights reservedStrategic Advisory
CU Industry Merger Rationale ndash Quantitative 12
Loans Shares Ratios
ROA
Operating Expense Ratio
Return of the Member
Annualized DividendsShares
Member Value Credit Union ValueEmployee Value
Callahan amp Associates Return on Member represents Return to Savers Return to Borrowers Member Service Usage formulas Credit unions with a score of 100 are considered leaders in providing services to their members
copy Doeren Mayhew All rights reservedStrategic Advisory
069
046 043
Small Credit Unions(Under $115M)
Average Large Credit Unions(Over $1B)
13
Source CUNA Summary of Cornerstone Advisors 2017 Study
Current Industry Merger Rationale - Quantitative
Regulatory Burden Financial Impact
75
23
2
$61 BILLIONTotal Industry
Regulatory Costs
Staff CostsIncluding risk management member-facing and support
employees
3rd Party Expenses
Including compliance technology legal and
training
Depreciation of Capitalized Expenses
Including technology investments
Small Credit Unions Bear the Brunt of Regulatory Burden
bull 1 out of every 5 employeersquos spent time on regulatory compliance (note from 2014 to 2016 CUNA saw an additional 135 employees needed for regulatory requirements)
bull Total Credit Union regulatory burden dollars saw a $800 million (151) two-year increase
bull Total Credit Union regulatory burden dollars translate to $115 per CU household
copy Doeren Mayhew All rights reservedStrategic Advisory
14Current Industry Merger Rationale - Qualitative
Member Benefitsbull Convenience Increase member access points and extend geographical coveragebull Price Opportunity for competitive ratesbull Products amp Services Improved products and servicesbull Familiarity Same recognizable credit union experience
Credit Union Benefitsbull Operating efficiencies via combined systems and support networksbull Greater presencebull Increased lending opportunitiesbull Further diversification of demand product and servicesbull Larger asset and capital base bull Improved succession planning
copy Doeren Mayhew All rights reservedStrategic Advisory
bull Credit unions saw a charter type shift over the past 15 years mainly due to merger activity and general credit union affinity of a community charter
Why it mattersThe conversion from a common bond charter to a community charter forced credit unions to compete with other types of financial institutions for members
15
57
43
Single Common Bond Community amp Other
17
83
Credit Unions in 1990 Credit Unions in 2014
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Article ndash Field of Membership A 25 Year Evolution
copy Doeren Mayhew All rights reservedStrategic Advisory
16Current Industry Merger Rationale - Qualitative
Why do smaller credit unions strugglebull Difficult to establish sustainabilitybull Regulatory and compliance costs are much heavier burden for smaller organizationsbull Financial institutions required 135 employees on average to manage new regulations
in Q1 2015 according to the 2015 Bank Compliance Indexbull Inability to offer and price competitive products and servicesbull Less capital to invest in technology
ldquoA good merger solves two problems It puts a small credit union out of its pain and it enables a larger credit union to grow by delivering members who are already sold on the credit union differencerdquo Robert McGarvey ndash Mergers Will Continue to Cull Small Credit Unions From Herd (2013)
copy Doeren Mayhew All rights reservedStrategic Advisory
17Current Industry Merger Rationale - Qualitative
bull Economies of scale will allow for additional investments in technology to attract millennials
bull Younger generations demand modern technological delivery channels and obtaining their business is vital for credit unions to continue viability and marketplace relevance
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
Why it mattersProvides larger organizations certain competitive advantages such as the ability to invest in technology to attract millennial members supply relationship pricing to loyal members amp minimize regulatory expense impact
copy Doeren Mayhew All rights reservedStrategic Advisory
CU Industry Merger Rationale ndash Quantitative 12
Loans Shares Ratios
ROA
Operating Expense Ratio
Return of the Member
Annualized DividendsShares
Member Value Credit Union ValueEmployee Value
Callahan amp Associates Return on Member represents Return to Savers Return to Borrowers Member Service Usage formulas Credit unions with a score of 100 are considered leaders in providing services to their members
copy Doeren Mayhew All rights reservedStrategic Advisory
069
046 043
Small Credit Unions(Under $115M)
Average Large Credit Unions(Over $1B)
13
Source CUNA Summary of Cornerstone Advisors 2017 Study
Current Industry Merger Rationale - Quantitative
Regulatory Burden Financial Impact
75
23
2
$61 BILLIONTotal Industry
Regulatory Costs
Staff CostsIncluding risk management member-facing and support
employees
3rd Party Expenses
Including compliance technology legal and
training
Depreciation of Capitalized Expenses
Including technology investments
Small Credit Unions Bear the Brunt of Regulatory Burden
bull 1 out of every 5 employeersquos spent time on regulatory compliance (note from 2014 to 2016 CUNA saw an additional 135 employees needed for regulatory requirements)
bull Total Credit Union regulatory burden dollars saw a $800 million (151) two-year increase
bull Total Credit Union regulatory burden dollars translate to $115 per CU household
copy Doeren Mayhew All rights reservedStrategic Advisory
14Current Industry Merger Rationale - Qualitative
Member Benefitsbull Convenience Increase member access points and extend geographical coveragebull Price Opportunity for competitive ratesbull Products amp Services Improved products and servicesbull Familiarity Same recognizable credit union experience
Credit Union Benefitsbull Operating efficiencies via combined systems and support networksbull Greater presencebull Increased lending opportunitiesbull Further diversification of demand product and servicesbull Larger asset and capital base bull Improved succession planning
copy Doeren Mayhew All rights reservedStrategic Advisory
bull Credit unions saw a charter type shift over the past 15 years mainly due to merger activity and general credit union affinity of a community charter
Why it mattersThe conversion from a common bond charter to a community charter forced credit unions to compete with other types of financial institutions for members
15
57
43
Single Common Bond Community amp Other
17
83
Credit Unions in 1990 Credit Unions in 2014
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Article ndash Field of Membership A 25 Year Evolution
copy Doeren Mayhew All rights reservedStrategic Advisory
16Current Industry Merger Rationale - Qualitative
Why do smaller credit unions strugglebull Difficult to establish sustainabilitybull Regulatory and compliance costs are much heavier burden for smaller organizationsbull Financial institutions required 135 employees on average to manage new regulations
in Q1 2015 according to the 2015 Bank Compliance Indexbull Inability to offer and price competitive products and servicesbull Less capital to invest in technology
ldquoA good merger solves two problems It puts a small credit union out of its pain and it enables a larger credit union to grow by delivering members who are already sold on the credit union differencerdquo Robert McGarvey ndash Mergers Will Continue to Cull Small Credit Unions From Herd (2013)
copy Doeren Mayhew All rights reservedStrategic Advisory
17Current Industry Merger Rationale - Qualitative
bull Economies of scale will allow for additional investments in technology to attract millennials
bull Younger generations demand modern technological delivery channels and obtaining their business is vital for credit unions to continue viability and marketplace relevance
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
Why it mattersProvides larger organizations certain competitive advantages such as the ability to invest in technology to attract millennial members supply relationship pricing to loyal members amp minimize regulatory expense impact
copy Doeren Mayhew All rights reservedStrategic Advisory
CU Industry Merger Rationale ndash Quantitative 12
Loans Shares Ratios
ROA
Operating Expense Ratio
Return of the Member
Annualized DividendsShares
Member Value Credit Union ValueEmployee Value
Callahan amp Associates Return on Member represents Return to Savers Return to Borrowers Member Service Usage formulas Credit unions with a score of 100 are considered leaders in providing services to their members
copy Doeren Mayhew All rights reservedStrategic Advisory
069
046 043
Small Credit Unions(Under $115M)
Average Large Credit Unions(Over $1B)
13
Source CUNA Summary of Cornerstone Advisors 2017 Study
Current Industry Merger Rationale - Quantitative
Regulatory Burden Financial Impact
75
23
2
$61 BILLIONTotal Industry
Regulatory Costs
Staff CostsIncluding risk management member-facing and support
employees
3rd Party Expenses
Including compliance technology legal and
training
Depreciation of Capitalized Expenses
Including technology investments
Small Credit Unions Bear the Brunt of Regulatory Burden
bull 1 out of every 5 employeersquos spent time on regulatory compliance (note from 2014 to 2016 CUNA saw an additional 135 employees needed for regulatory requirements)
bull Total Credit Union regulatory burden dollars saw a $800 million (151) two-year increase
bull Total Credit Union regulatory burden dollars translate to $115 per CU household
copy Doeren Mayhew All rights reservedStrategic Advisory
14Current Industry Merger Rationale - Qualitative
Member Benefitsbull Convenience Increase member access points and extend geographical coveragebull Price Opportunity for competitive ratesbull Products amp Services Improved products and servicesbull Familiarity Same recognizable credit union experience
Credit Union Benefitsbull Operating efficiencies via combined systems and support networksbull Greater presencebull Increased lending opportunitiesbull Further diversification of demand product and servicesbull Larger asset and capital base bull Improved succession planning
copy Doeren Mayhew All rights reservedStrategic Advisory
bull Credit unions saw a charter type shift over the past 15 years mainly due to merger activity and general credit union affinity of a community charter
Why it mattersThe conversion from a common bond charter to a community charter forced credit unions to compete with other types of financial institutions for members
15
57
43
Single Common Bond Community amp Other
17
83
Credit Unions in 1990 Credit Unions in 2014
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Article ndash Field of Membership A 25 Year Evolution
copy Doeren Mayhew All rights reservedStrategic Advisory
16Current Industry Merger Rationale - Qualitative
Why do smaller credit unions strugglebull Difficult to establish sustainabilitybull Regulatory and compliance costs are much heavier burden for smaller organizationsbull Financial institutions required 135 employees on average to manage new regulations
in Q1 2015 according to the 2015 Bank Compliance Indexbull Inability to offer and price competitive products and servicesbull Less capital to invest in technology
ldquoA good merger solves two problems It puts a small credit union out of its pain and it enables a larger credit union to grow by delivering members who are already sold on the credit union differencerdquo Robert McGarvey ndash Mergers Will Continue to Cull Small Credit Unions From Herd (2013)
copy Doeren Mayhew All rights reservedStrategic Advisory
17Current Industry Merger Rationale - Qualitative
bull Economies of scale will allow for additional investments in technology to attract millennials
bull Younger generations demand modern technological delivery channels and obtaining their business is vital for credit unions to continue viability and marketplace relevance
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
Why it mattersProvides larger organizations certain competitive advantages such as the ability to invest in technology to attract millennial members supply relationship pricing to loyal members amp minimize regulatory expense impact
copy Doeren Mayhew All rights reservedStrategic Advisory
CU Industry Merger Rationale ndash Quantitative 12
Loans Shares Ratios
ROA
Operating Expense Ratio
Return of the Member
Annualized DividendsShares
Member Value Credit Union ValueEmployee Value
Callahan amp Associates Return on Member represents Return to Savers Return to Borrowers Member Service Usage formulas Credit unions with a score of 100 are considered leaders in providing services to their members
copy Doeren Mayhew All rights reservedStrategic Advisory
069
046 043
Small Credit Unions(Under $115M)
Average Large Credit Unions(Over $1B)
13
Source CUNA Summary of Cornerstone Advisors 2017 Study
Current Industry Merger Rationale - Quantitative
Regulatory Burden Financial Impact
75
23
2
$61 BILLIONTotal Industry
Regulatory Costs
Staff CostsIncluding risk management member-facing and support
employees
3rd Party Expenses
Including compliance technology legal and
training
Depreciation of Capitalized Expenses
Including technology investments
Small Credit Unions Bear the Brunt of Regulatory Burden
bull 1 out of every 5 employeersquos spent time on regulatory compliance (note from 2014 to 2016 CUNA saw an additional 135 employees needed for regulatory requirements)
bull Total Credit Union regulatory burden dollars saw a $800 million (151) two-year increase
bull Total Credit Union regulatory burden dollars translate to $115 per CU household
copy Doeren Mayhew All rights reservedStrategic Advisory
14Current Industry Merger Rationale - Qualitative
Member Benefitsbull Convenience Increase member access points and extend geographical coveragebull Price Opportunity for competitive ratesbull Products amp Services Improved products and servicesbull Familiarity Same recognizable credit union experience
Credit Union Benefitsbull Operating efficiencies via combined systems and support networksbull Greater presencebull Increased lending opportunitiesbull Further diversification of demand product and servicesbull Larger asset and capital base bull Improved succession planning
copy Doeren Mayhew All rights reservedStrategic Advisory
bull Credit unions saw a charter type shift over the past 15 years mainly due to merger activity and general credit union affinity of a community charter
Why it mattersThe conversion from a common bond charter to a community charter forced credit unions to compete with other types of financial institutions for members
15
57
43
Single Common Bond Community amp Other
17
83
Credit Unions in 1990 Credit Unions in 2014
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Article ndash Field of Membership A 25 Year Evolution
copy Doeren Mayhew All rights reservedStrategic Advisory
16Current Industry Merger Rationale - Qualitative
Why do smaller credit unions strugglebull Difficult to establish sustainabilitybull Regulatory and compliance costs are much heavier burden for smaller organizationsbull Financial institutions required 135 employees on average to manage new regulations
in Q1 2015 according to the 2015 Bank Compliance Indexbull Inability to offer and price competitive products and servicesbull Less capital to invest in technology
ldquoA good merger solves two problems It puts a small credit union out of its pain and it enables a larger credit union to grow by delivering members who are already sold on the credit union differencerdquo Robert McGarvey ndash Mergers Will Continue to Cull Small Credit Unions From Herd (2013)
copy Doeren Mayhew All rights reservedStrategic Advisory
17Current Industry Merger Rationale - Qualitative
bull Economies of scale will allow for additional investments in technology to attract millennials
bull Younger generations demand modern technological delivery channels and obtaining their business is vital for credit unions to continue viability and marketplace relevance
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
The Rationale
Components of ROA - Compare
11
Financial Institutions Group
Why it mattersProvides larger organizations certain competitive advantages such as the ability to invest in technology to attract millennial members supply relationship pricing to loyal members amp minimize regulatory expense impact
copy Doeren Mayhew All rights reservedStrategic Advisory
CU Industry Merger Rationale ndash Quantitative 12
Loans Shares Ratios
ROA
Operating Expense Ratio
Return of the Member
Annualized DividendsShares
Member Value Credit Union ValueEmployee Value
Callahan amp Associates Return on Member represents Return to Savers Return to Borrowers Member Service Usage formulas Credit unions with a score of 100 are considered leaders in providing services to their members
copy Doeren Mayhew All rights reservedStrategic Advisory
069
046 043
Small Credit Unions(Under $115M)
Average Large Credit Unions(Over $1B)
13
Source CUNA Summary of Cornerstone Advisors 2017 Study
Current Industry Merger Rationale - Quantitative
Regulatory Burden Financial Impact
75
23
2
$61 BILLIONTotal Industry
Regulatory Costs
Staff CostsIncluding risk management member-facing and support
employees
3rd Party Expenses
Including compliance technology legal and
training
Depreciation of Capitalized Expenses
Including technology investments
Small Credit Unions Bear the Brunt of Regulatory Burden
bull 1 out of every 5 employeersquos spent time on regulatory compliance (note from 2014 to 2016 CUNA saw an additional 135 employees needed for regulatory requirements)
bull Total Credit Union regulatory burden dollars saw a $800 million (151) two-year increase
bull Total Credit Union regulatory burden dollars translate to $115 per CU household
copy Doeren Mayhew All rights reservedStrategic Advisory
14Current Industry Merger Rationale - Qualitative
Member Benefitsbull Convenience Increase member access points and extend geographical coveragebull Price Opportunity for competitive ratesbull Products amp Services Improved products and servicesbull Familiarity Same recognizable credit union experience
Credit Union Benefitsbull Operating efficiencies via combined systems and support networksbull Greater presencebull Increased lending opportunitiesbull Further diversification of demand product and servicesbull Larger asset and capital base bull Improved succession planning
copy Doeren Mayhew All rights reservedStrategic Advisory
bull Credit unions saw a charter type shift over the past 15 years mainly due to merger activity and general credit union affinity of a community charter
Why it mattersThe conversion from a common bond charter to a community charter forced credit unions to compete with other types of financial institutions for members
15
57
43
Single Common Bond Community amp Other
17
83
Credit Unions in 1990 Credit Unions in 2014
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Article ndash Field of Membership A 25 Year Evolution
copy Doeren Mayhew All rights reservedStrategic Advisory
16Current Industry Merger Rationale - Qualitative
Why do smaller credit unions strugglebull Difficult to establish sustainabilitybull Regulatory and compliance costs are much heavier burden for smaller organizationsbull Financial institutions required 135 employees on average to manage new regulations
in Q1 2015 according to the 2015 Bank Compliance Indexbull Inability to offer and price competitive products and servicesbull Less capital to invest in technology
ldquoA good merger solves two problems It puts a small credit union out of its pain and it enables a larger credit union to grow by delivering members who are already sold on the credit union differencerdquo Robert McGarvey ndash Mergers Will Continue to Cull Small Credit Unions From Herd (2013)
copy Doeren Mayhew All rights reservedStrategic Advisory
17Current Industry Merger Rationale - Qualitative
bull Economies of scale will allow for additional investments in technology to attract millennials
bull Younger generations demand modern technological delivery channels and obtaining their business is vital for credit unions to continue viability and marketplace relevance
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
Components of ROA - Compare
11
Financial Institutions Group
Why it mattersProvides larger organizations certain competitive advantages such as the ability to invest in technology to attract millennial members supply relationship pricing to loyal members amp minimize regulatory expense impact
copy Doeren Mayhew All rights reservedStrategic Advisory
CU Industry Merger Rationale ndash Quantitative 12
Loans Shares Ratios
ROA
Operating Expense Ratio
Return of the Member
Annualized DividendsShares
Member Value Credit Union ValueEmployee Value
Callahan amp Associates Return on Member represents Return to Savers Return to Borrowers Member Service Usage formulas Credit unions with a score of 100 are considered leaders in providing services to their members
copy Doeren Mayhew All rights reservedStrategic Advisory
069
046 043
Small Credit Unions(Under $115M)
Average Large Credit Unions(Over $1B)
13
Source CUNA Summary of Cornerstone Advisors 2017 Study
Current Industry Merger Rationale - Quantitative
Regulatory Burden Financial Impact
75
23
2
$61 BILLIONTotal Industry
Regulatory Costs
Staff CostsIncluding risk management member-facing and support
employees
3rd Party Expenses
Including compliance technology legal and
training
Depreciation of Capitalized Expenses
Including technology investments
Small Credit Unions Bear the Brunt of Regulatory Burden
bull 1 out of every 5 employeersquos spent time on regulatory compliance (note from 2014 to 2016 CUNA saw an additional 135 employees needed for regulatory requirements)
bull Total Credit Union regulatory burden dollars saw a $800 million (151) two-year increase
bull Total Credit Union regulatory burden dollars translate to $115 per CU household
copy Doeren Mayhew All rights reservedStrategic Advisory
14Current Industry Merger Rationale - Qualitative
Member Benefitsbull Convenience Increase member access points and extend geographical coveragebull Price Opportunity for competitive ratesbull Products amp Services Improved products and servicesbull Familiarity Same recognizable credit union experience
Credit Union Benefitsbull Operating efficiencies via combined systems and support networksbull Greater presencebull Increased lending opportunitiesbull Further diversification of demand product and servicesbull Larger asset and capital base bull Improved succession planning
copy Doeren Mayhew All rights reservedStrategic Advisory
bull Credit unions saw a charter type shift over the past 15 years mainly due to merger activity and general credit union affinity of a community charter
Why it mattersThe conversion from a common bond charter to a community charter forced credit unions to compete with other types of financial institutions for members
15
57
43
Single Common Bond Community amp Other
17
83
Credit Unions in 1990 Credit Unions in 2014
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Article ndash Field of Membership A 25 Year Evolution
copy Doeren Mayhew All rights reservedStrategic Advisory
16Current Industry Merger Rationale - Qualitative
Why do smaller credit unions strugglebull Difficult to establish sustainabilitybull Regulatory and compliance costs are much heavier burden for smaller organizationsbull Financial institutions required 135 employees on average to manage new regulations
in Q1 2015 according to the 2015 Bank Compliance Indexbull Inability to offer and price competitive products and servicesbull Less capital to invest in technology
ldquoA good merger solves two problems It puts a small credit union out of its pain and it enables a larger credit union to grow by delivering members who are already sold on the credit union differencerdquo Robert McGarvey ndash Mergers Will Continue to Cull Small Credit Unions From Herd (2013)
copy Doeren Mayhew All rights reservedStrategic Advisory
17Current Industry Merger Rationale - Qualitative
bull Economies of scale will allow for additional investments in technology to attract millennials
bull Younger generations demand modern technological delivery channels and obtaining their business is vital for credit unions to continue viability and marketplace relevance
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
copy Doeren Mayhew All rights reservedStrategic Advisory
CU Industry Merger Rationale ndash Quantitative 12
Loans Shares Ratios
ROA
Operating Expense Ratio
Return of the Member
Annualized DividendsShares
Member Value Credit Union ValueEmployee Value
Callahan amp Associates Return on Member represents Return to Savers Return to Borrowers Member Service Usage formulas Credit unions with a score of 100 are considered leaders in providing services to their members
copy Doeren Mayhew All rights reservedStrategic Advisory
069
046 043
Small Credit Unions(Under $115M)
Average Large Credit Unions(Over $1B)
13
Source CUNA Summary of Cornerstone Advisors 2017 Study
Current Industry Merger Rationale - Quantitative
Regulatory Burden Financial Impact
75
23
2
$61 BILLIONTotal Industry
Regulatory Costs
Staff CostsIncluding risk management member-facing and support
employees
3rd Party Expenses
Including compliance technology legal and
training
Depreciation of Capitalized Expenses
Including technology investments
Small Credit Unions Bear the Brunt of Regulatory Burden
bull 1 out of every 5 employeersquos spent time on regulatory compliance (note from 2014 to 2016 CUNA saw an additional 135 employees needed for regulatory requirements)
bull Total Credit Union regulatory burden dollars saw a $800 million (151) two-year increase
bull Total Credit Union regulatory burden dollars translate to $115 per CU household
copy Doeren Mayhew All rights reservedStrategic Advisory
14Current Industry Merger Rationale - Qualitative
Member Benefitsbull Convenience Increase member access points and extend geographical coveragebull Price Opportunity for competitive ratesbull Products amp Services Improved products and servicesbull Familiarity Same recognizable credit union experience
Credit Union Benefitsbull Operating efficiencies via combined systems and support networksbull Greater presencebull Increased lending opportunitiesbull Further diversification of demand product and servicesbull Larger asset and capital base bull Improved succession planning
copy Doeren Mayhew All rights reservedStrategic Advisory
bull Credit unions saw a charter type shift over the past 15 years mainly due to merger activity and general credit union affinity of a community charter
Why it mattersThe conversion from a common bond charter to a community charter forced credit unions to compete with other types of financial institutions for members
15
57
43
Single Common Bond Community amp Other
17
83
Credit Unions in 1990 Credit Unions in 2014
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Article ndash Field of Membership A 25 Year Evolution
copy Doeren Mayhew All rights reservedStrategic Advisory
16Current Industry Merger Rationale - Qualitative
Why do smaller credit unions strugglebull Difficult to establish sustainabilitybull Regulatory and compliance costs are much heavier burden for smaller organizationsbull Financial institutions required 135 employees on average to manage new regulations
in Q1 2015 according to the 2015 Bank Compliance Indexbull Inability to offer and price competitive products and servicesbull Less capital to invest in technology
ldquoA good merger solves two problems It puts a small credit union out of its pain and it enables a larger credit union to grow by delivering members who are already sold on the credit union differencerdquo Robert McGarvey ndash Mergers Will Continue to Cull Small Credit Unions From Herd (2013)
copy Doeren Mayhew All rights reservedStrategic Advisory
17Current Industry Merger Rationale - Qualitative
bull Economies of scale will allow for additional investments in technology to attract millennials
bull Younger generations demand modern technological delivery channels and obtaining their business is vital for credit unions to continue viability and marketplace relevance
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
copy Doeren Mayhew All rights reservedStrategic Advisory
069
046 043
Small Credit Unions(Under $115M)
Average Large Credit Unions(Over $1B)
13
Source CUNA Summary of Cornerstone Advisors 2017 Study
Current Industry Merger Rationale - Quantitative
Regulatory Burden Financial Impact
75
23
2
$61 BILLIONTotal Industry
Regulatory Costs
Staff CostsIncluding risk management member-facing and support
employees
3rd Party Expenses
Including compliance technology legal and
training
Depreciation of Capitalized Expenses
Including technology investments
Small Credit Unions Bear the Brunt of Regulatory Burden
bull 1 out of every 5 employeersquos spent time on regulatory compliance (note from 2014 to 2016 CUNA saw an additional 135 employees needed for regulatory requirements)
bull Total Credit Union regulatory burden dollars saw a $800 million (151) two-year increase
bull Total Credit Union regulatory burden dollars translate to $115 per CU household
copy Doeren Mayhew All rights reservedStrategic Advisory
14Current Industry Merger Rationale - Qualitative
Member Benefitsbull Convenience Increase member access points and extend geographical coveragebull Price Opportunity for competitive ratesbull Products amp Services Improved products and servicesbull Familiarity Same recognizable credit union experience
Credit Union Benefitsbull Operating efficiencies via combined systems and support networksbull Greater presencebull Increased lending opportunitiesbull Further diversification of demand product and servicesbull Larger asset and capital base bull Improved succession planning
copy Doeren Mayhew All rights reservedStrategic Advisory
bull Credit unions saw a charter type shift over the past 15 years mainly due to merger activity and general credit union affinity of a community charter
Why it mattersThe conversion from a common bond charter to a community charter forced credit unions to compete with other types of financial institutions for members
15
57
43
Single Common Bond Community amp Other
17
83
Credit Unions in 1990 Credit Unions in 2014
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Article ndash Field of Membership A 25 Year Evolution
copy Doeren Mayhew All rights reservedStrategic Advisory
16Current Industry Merger Rationale - Qualitative
Why do smaller credit unions strugglebull Difficult to establish sustainabilitybull Regulatory and compliance costs are much heavier burden for smaller organizationsbull Financial institutions required 135 employees on average to manage new regulations
in Q1 2015 according to the 2015 Bank Compliance Indexbull Inability to offer and price competitive products and servicesbull Less capital to invest in technology
ldquoA good merger solves two problems It puts a small credit union out of its pain and it enables a larger credit union to grow by delivering members who are already sold on the credit union differencerdquo Robert McGarvey ndash Mergers Will Continue to Cull Small Credit Unions From Herd (2013)
copy Doeren Mayhew All rights reservedStrategic Advisory
17Current Industry Merger Rationale - Qualitative
bull Economies of scale will allow for additional investments in technology to attract millennials
bull Younger generations demand modern technological delivery channels and obtaining their business is vital for credit unions to continue viability and marketplace relevance
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
copy Doeren Mayhew All rights reservedStrategic Advisory
14Current Industry Merger Rationale - Qualitative
Member Benefitsbull Convenience Increase member access points and extend geographical coveragebull Price Opportunity for competitive ratesbull Products amp Services Improved products and servicesbull Familiarity Same recognizable credit union experience
Credit Union Benefitsbull Operating efficiencies via combined systems and support networksbull Greater presencebull Increased lending opportunitiesbull Further diversification of demand product and servicesbull Larger asset and capital base bull Improved succession planning
copy Doeren Mayhew All rights reservedStrategic Advisory
bull Credit unions saw a charter type shift over the past 15 years mainly due to merger activity and general credit union affinity of a community charter
Why it mattersThe conversion from a common bond charter to a community charter forced credit unions to compete with other types of financial institutions for members
15
57
43
Single Common Bond Community amp Other
17
83
Credit Unions in 1990 Credit Unions in 2014
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Article ndash Field of Membership A 25 Year Evolution
copy Doeren Mayhew All rights reservedStrategic Advisory
16Current Industry Merger Rationale - Qualitative
Why do smaller credit unions strugglebull Difficult to establish sustainabilitybull Regulatory and compliance costs are much heavier burden for smaller organizationsbull Financial institutions required 135 employees on average to manage new regulations
in Q1 2015 according to the 2015 Bank Compliance Indexbull Inability to offer and price competitive products and servicesbull Less capital to invest in technology
ldquoA good merger solves two problems It puts a small credit union out of its pain and it enables a larger credit union to grow by delivering members who are already sold on the credit union differencerdquo Robert McGarvey ndash Mergers Will Continue to Cull Small Credit Unions From Herd (2013)
copy Doeren Mayhew All rights reservedStrategic Advisory
17Current Industry Merger Rationale - Qualitative
bull Economies of scale will allow for additional investments in technology to attract millennials
bull Younger generations demand modern technological delivery channels and obtaining their business is vital for credit unions to continue viability and marketplace relevance
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
copy Doeren Mayhew All rights reservedStrategic Advisory
bull Credit unions saw a charter type shift over the past 15 years mainly due to merger activity and general credit union affinity of a community charter
Why it mattersThe conversion from a common bond charter to a community charter forced credit unions to compete with other types of financial institutions for members
15
57
43
Single Common Bond Community amp Other
17
83
Credit Unions in 1990 Credit Unions in 2014
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Article ndash Field of Membership A 25 Year Evolution
copy Doeren Mayhew All rights reservedStrategic Advisory
16Current Industry Merger Rationale - Qualitative
Why do smaller credit unions strugglebull Difficult to establish sustainabilitybull Regulatory and compliance costs are much heavier burden for smaller organizationsbull Financial institutions required 135 employees on average to manage new regulations
in Q1 2015 according to the 2015 Bank Compliance Indexbull Inability to offer and price competitive products and servicesbull Less capital to invest in technology
ldquoA good merger solves two problems It puts a small credit union out of its pain and it enables a larger credit union to grow by delivering members who are already sold on the credit union differencerdquo Robert McGarvey ndash Mergers Will Continue to Cull Small Credit Unions From Herd (2013)
copy Doeren Mayhew All rights reservedStrategic Advisory
17Current Industry Merger Rationale - Qualitative
bull Economies of scale will allow for additional investments in technology to attract millennials
bull Younger generations demand modern technological delivery channels and obtaining their business is vital for credit unions to continue viability and marketplace relevance
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
copy Doeren Mayhew All rights reservedStrategic Advisory
16Current Industry Merger Rationale - Qualitative
Why do smaller credit unions strugglebull Difficult to establish sustainabilitybull Regulatory and compliance costs are much heavier burden for smaller organizationsbull Financial institutions required 135 employees on average to manage new regulations
in Q1 2015 according to the 2015 Bank Compliance Indexbull Inability to offer and price competitive products and servicesbull Less capital to invest in technology
ldquoA good merger solves two problems It puts a small credit union out of its pain and it enables a larger credit union to grow by delivering members who are already sold on the credit union differencerdquo Robert McGarvey ndash Mergers Will Continue to Cull Small Credit Unions From Herd (2013)
copy Doeren Mayhew All rights reservedStrategic Advisory
17Current Industry Merger Rationale - Qualitative
bull Economies of scale will allow for additional investments in technology to attract millennials
bull Younger generations demand modern technological delivery channels and obtaining their business is vital for credit unions to continue viability and marketplace relevance
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
copy Doeren Mayhew All rights reservedStrategic Advisory
17Current Industry Merger Rationale - Qualitative
bull Economies of scale will allow for additional investments in technology to attract millennials
bull Younger generations demand modern technological delivery channels and obtaining their business is vital for credit unions to continue viability and marketplace relevance
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
Digress Whatrsquos Our Role (WOR) Conversation
18
Whatrsquos Our Role Conversation
bull Robin to help build section
19
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
Whatrsquos Our Role Conversation
bull Robin to help build section
19
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
20
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
bull No integrationscommunicationbull Separate structures and functions for internal audit
compliance and risk managementbull Assumed responsibility for managing organization
risk based on departmental objectivesbull No formal coordinating structurebull Functions are not integrated into organizational
strategic plan
21
Financial Institutions GroupWhatrsquos Our Role Conversation
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
Whatrsquos Our Role Conversation
bull Informal Integrationbull Organizational risk are reported separatelybull No formal coordination of compliance issuesbull Dependent on relationships for working outside
departmental boundariesbull Impromptu format may work out on some projects
but not for others
22
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
Whatrsquos Our Role Conversation
bull Official Integrationbull Departments that manage organization risk are in
regular contactbull Regular meetings with agendas minutes and
action plansbull Cooperated auditing monitoring and reportingbull The unity of the areas is understood by employees
23
Financial Institutions Group
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
WOR Guidelines - Audits and Reviews
24
Financial Institutions Group
Compliance Functionbull Identify opportunities to perform
integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
Internal Audit Hurdles amp Involvement
25
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
Perceptions of IA Related to Mergers
bull Observations from research published by the IIAbull National and international organizationsbull Across various industries
bull Considerations to initiate thought processbull Commitment to IA and resources allocated will vary from organization to
organization
Perceptions of IA related to mergersbull IA participation in strategy will impair independencebull IA is control focused and not strategically focusedbull Involvement in merger activity is time consuming and time sensitivebull IA does not have the expertise and it is expensive for IA to obtain the skills
26
Financial Institutions Group
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
How Can IArsquos Role be Expanded
27
Financial Institutions Group
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
Value - Internal Audit
28
Financial Institutions Group
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
Whatrsquos Our Role Conversation
bull What is your total asset size
bull How big is your IA department
bull Does IA get involved in strategic initiatives such as merger transactions
bull How is the interaction between IA and compliance
bull Do you think there should be more interaction between the two groups at your credit union
bull Please feel free to bring any thoughts forwardhellip
29
Financial Institutions Group
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
Merger Timeline
30
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
copy Doeren Mayhew All rights reservedStrategic Advisory
Letter of Intent
1-2 months
Confidentiality Agreement
Operation Strategic Planning
Merger Planning
Quantitative and Qualitative Measures
Analysis1-2 months
Merger Agreement1-2 months
Employment Agreement
Modifications1-2 months
Appointment of Merger
Team1-2 months
Preliminary Analysis
[Due Diligence Fair Valuation]
2-3 months
Merger Education
CEO meetings amp Joint BOD meetings
2-4 months
Final Analysis1 month
Hart Scott Rodino Anti-Trust Filing2-3 months
Merging CU Member Vote
amp Approval1-2 months
Effective Merger Date
Integration amp Implementation
9-12 months
Member Vote Report results to
Regulators1-2 months
Regulatory Merger Packet Prep
1-2 months
Prospecting Calls
1-2 months
Timeframe is for general reference only andmay be materially different for each transaction
Strategy Transaction Integration
Merger Education
Strategic Planning
Prospecting Analysis
InitiationIntroduction
Facilitation
Structure amp Negotiation
Transaction Analysis
ClosingRegulatory Requirements
IntegrationImplementation
31lsquoTypicalrsquo Merger Timeframe
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
Merger and Acquisition Life Cycle
32
Financial Institutions Group
1 Strategy 2 Due Diligence
3 Deal approval and close
4 Integration
bull Four Key Areas of MampA Life Cycle
bull IA should be involved throughout the MampA process to monitor management activities and offer key insights
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
Ranking Areas of Participation
bull Ranking of actual participation by IA in Merger by stages1 Post-merger audit of combined entity2 Merger integration3 Due diligence (may use third-party)4 Deal approval and close (minimal)5 Merger strategy (minimal)
33
Financial Institutions Group
Overview of Merger Stages
bull Merger Strategybull Process can take multiple years
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Potential Contracts for Review
Vendor Contracts
CONTRACTS
Continuing
Merging
Credit Union
Vendor
Service Provided
Contract Start Date
Contract End Date
Renewal TermExpiration
Minimum Notice
TerminationProvision
Renewal Terms
Approximate Cost
Notes
PerformanceGroup
Location of Original Contract
Create listing of all contracts from both entities
1
ACH Processing
2
Account Cross Sell
3
Accounts Payable checks
4
After hours lending
ALM
When does contract end
Attorneys
Does it auto renew
Auditing Internal
When do we need to give notice to cancel
Auditing External
Board reporting packageALMbudget
Termiantion Provisions Anything unsual
ATM Processing
Implication Example
What is estimated cost of terminating contract
Tons
Crtical Contacts
Core
Card Network
LOS
Payroll Processor
Loan servicers
Task
Who Is responsible
Notes
IA Function
Other Notes or Integration Pre Planning
CUES
I Financial Analysis
CUES
A Obtain Copies and Review the Following for the Past 2 Years
CUES
1 NCUA Exam Reports
Management Team
CUES
2 CPA Audit Reports (including workpapers) - if any
Finance IA
Review Third party Audit Reports - Coordinate with Finance
Communicate with audit firm to get CPA perspective
DM
2A Internal FS and Budget to actual and variance analysis
CUES
3 Bonding Company Risk Audits (if any) and pending Claims
DM
4 BOD and SC meeting minutes
Management Team
Minutes over the past 5 years should be reviewed
CUES
B Analysis by 3rd Party CPA or other Advisors (if any)
CUES
1 Financial Review
Finance IA
All signficant third-party reports over the past 5 years should be reviewed
Review Third party Financial Reports - Coordinate with Finance
Note the lack of audits would indicate more risk
CUES
2 Compliance Review
Risk IA
All signficant third-party reports over the past 5 years should be reviewed
Review Compliance Reports - Coordinate with Risk
CUES
C Review General Ledger
CUES
1 Cash
CUES
a Who does CU use as Corporate
Finance Operations
Understand plan and timeline
Navigation of Corporate account project
CUES
b Cash at other Financial Institutions - who
Finance Operations
Understand plan and timeline
Navigation of bank accounts
CUES
c What are cash equivalents (whowhereetc)
Finance Operations
Example - 5 branches with tellersdrawers Cash machines ATMs
DM
d Different branch practices
Operations Risk
Understand plan and timeline
Unification project
DM
e Branch audits (catch all above)
Operations Risk IA
Reviewaudit coordination opportunity
Perform branch audits
Help bring forward differences and aid in unification project
CUES
2 Investments
CUES
a Obtain schedule of investments (description purchase date maturity date rate etc)
Finance
Obtain all safekeeping reports and investment reports
If CDs safekept at individual institions consider perform a 100 confrimation sampling Reason Fraud Risk
DM
b Unrealized GainLoss on investment position
Finance
A large lossgain may impact decisioning
DM
c Investment Strategy
Finance
Understand plan and timeline
Liquidation project
CUES
3 Loans
CUES
a Obtain and reconcile trial balance totals to GL
Finance
CUES
b Test interest accruals
Finance
DM
c Support for serving and participation relationships (purchased or sold)
Lending Finance Risk
Understand plan and timeline
Plan to unwind or continue Consolidation project may be possibility
DM
d Review QC setup
Lending Risk IA
Walkthroughs
CUES
4 Other Assets
CUES
a Obtain and review schedule of fixed assets other assets and NCUA share deposit
Finance
CUES
b For Real Property list and briefly describe each property as follows
Finance
CUES
I Copies of Purchase and Sale Agreement
Finance
CUES
ii Include most recent FMV appraisal tax assessment etc
Finance
Full appraisals on buildings is recommendation
CUES
iii List of monthly costs (maintenance taxes etc)
Finance Risk IA
Unrecorded liabilities
Walkthrough accounts payable controls
Accounts payable transition project
CUES
iv Obtain any consultant or engineering reports or communications from third parties
5 Any limitations on assignment (is merger of CU a default)
Management IA
CUES
6 Analysis of cost of early termination
Management IA
CUES
V Pending LitigationContingent Liabilities
Risk IA
Reviewaudit coordination opportunity
Understand issues and risk levels
CUES
A List and explain pending litigation Review all attorney opinion letters
Risk
CUES
B List and explain contingent liabilities - review the following
Risk
CUES
1 NCUA examiner finding
Risk
CUES
2 Any EEOC investigations
Risk
CUES
3 Any Wage and hour investigations
Risk
CUES
4 Workers compensation actions etc
Risk
CUES
C Bond Issues
Risk
CUES
1 Review bond coverage and all endorsements
Risk
CUES
2 Evaluate extension of coverage post merger
Risk
CUES
3 Evaluate extension of discovery bond coverage post merger
Risk
CUES
VI Human Resources
CUES
A Pending employee lawsuits (see Section V above)
HR Risk
CUES
B List of current positions and current employees
HR Risk
CUES
C Review employee benefits (any retirement benefits etc)
HR Risk IA
See TAB Employee Benefits A look Inside an actual DM Due Diligence Report
CUES
D Years of service for each employee
HR Risk
CUES
E Copy of employment contracts (if any)
HR Risk
CUES
VII Information Services
Management IT IA
Contract Review Tab - Critical Section
Understand synergies and dis-synergies
Begin conversion planning
CUES
A Computer Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
B Communications Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
C Third party Hardware Software Peripheral Inventory List
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
1 ATMs
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
2 Audio Response
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
D Copies of all Data Processing Contracts (see section IV above)
Management IT IA
Understand synergies and dis-synergies
Begin conversion planning
CUES
VIII Other Services
Operations
CUES
A ATMs if any
Operations
CUES
B Item processing
Operations
CUES
1 Number of share drafts processed each day
Operations
CUES
2 Location of processing (in-house or outsourced)
Operations
CUES
C LifeDisability Carrier
Operations
CUES
D Collateral Protection Insurance
Operations
DM
IX Interest rate Risk
Finance
DM
X Branch profitability
Finance Operations
DM
A Branch location growth statistics
DM
XI Internal Audit Functions (required audits)
IA
DM
XII Fee Analysis
Management Team
DM
XIII State Charter Special items
DM
Obtain Tax Filing
Finance
DM
XIV Fraud Investigations
IA
Due Diligence - Takeaways
bull Key Due Diligence Considerationsbull Internal Control Environment ldquotone at the toprdquobull Unrecorded liabilitiesbull Compliance issues and violationsbull Contract Reviewbull IA can participate by conducting fraud reviews (eg insider
accounts)bull IT vulnerabilities ndash Identification and Action Plan Rollout
42
Financial Institutions Group
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Deal Approval and Close
43
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Merger Approval and Close
44
Financial Institutions Group
Section Description
1 Process and project plan
2 Message and methods of communication
3 Member vote packet
4 Meeting agenda and logistics
5 Member vote tabulation and results submission
Section Description
1 Detailed explanation of the reason for the merger
2 Proposed effective date of the merger
3 Current financial statements for both credit unions
Section Contents
1 Notification and Report Form
2Merger Documentationo Explanation and value proposition of the mergero Merger agreemento Executive biographies
3Market Share Informationo Market ConcentrationmdashDeposit Analysiso Market ConcentrationmdashLoan Analysiso Market Concentration by Countyo Bank and Credit Union Market Share Analysis
4Financial Informationo Fair Valuation of Combined Entities as of 33109o Call reports as of 123109o Combined forecast 2010o 5-year historical financial performance ratios
5 Legal Information
Member Vote
FTCNCUAState
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Merger Approval and Close
bull IA participation in this phase may be limitedbull Focus on legal documents and regulatory approval
bull Keep apprised of progressbull During this phase IA can continue to monitor the
merging CUrsquos performancebull Any deterioration or activity increasing risk
45
Financial Institutions Group
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Merger Approval and Close
bull Merger Application with NCUAbull Number one request itembull Excellent item to review before the
integration stage begins
46
Financial Institutions Group
Clic
k on
PDF
Em
bedd
ed
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Integration
47
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Merger Considerations
Project Management Group Structure
Merger Integration
Executive TeamSponsor
Performance Group Leaders
Performance Groups
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Merger Considerations
Project Management Group Process
Merger Integration
Use Tools
Decision
Group Leaders
Meetings
Decision
Update ProjectPlan
Executive Team
Meetings
Decision Communication
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Merger ConsiderationsMerger Integration
BDO ldquoInternal Auditrsquos role in highly acquisitive organizationsrdquo httpswwwbdocomBDOmediaWebinar-HandoutsIAs-Role-in-Highly-Acquisitive-Organizations_062717pdf
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Merger Integration
bull IA should understand the integration timelinesbull Participate in critical meetings (discerned through due
diligence process)bull Play advisory role to functions carrying out the integrationbull Monitor progress and project plan documentation ndash
timelines are being metbull Monitor activities necessary to achieve expected
synergiesbull Highlight potential gaps in the internal control structurebull Data conversion process
bull Quality control and validation
53
Financial Institutions Group
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Post-Merger Audits
54
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Post-Merger Audit
bull Risk based audit plan of combined entitybull Most significant changes in
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Post-Merger Audit
bull Observe integration process to identify weaknessesbull Report audit findings and other observations to business
owners regarding implementation executionbull Investigate whether the specific goals of the acquisition
have been achievedbull Prepare lessons learned observations about the
integration process maybe in coordination with a survey or interview process
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
bull Delayed planning ndash Should begin during due diligencebull Under estimating project size and complexitybull Poor communicationbull Lack of project management
57
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Merger Integration AuditSurveybull A Post-Merger Integration Audit answers key questions about the last
acquisitionbull How were projects difficulties communications and actions surrounding the
merger handledbull What could have been done differently to make the integration more efficientbull What actions remain unfinishedbull How have members and employees perceived mergerbull If the company were to mergeacquire again what should be done differently
bull Audit Approachbull Determine the depth of review requiredbull Interview or conduct written surveys with executives managers employees
and if appropriate members and board membersbull Combine the qualitative and quantitative data (turn responses to specific
questions into graphs) to provide feedback and recommendations
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Insight Oversight Foresight SM
Questions
59
Thank you
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Thank you
Stephen LaBarbera CPAManager Cell (908) 268-1344Email slabarberadoerencom
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Services
bull Auditbull Mergers amp
consolidationsbull IT assurance
bull Vulnerability assessments
bull Penetration testingbull Member business
loan reviews
bull Commercial loan consulting
bull Internal audit co-sourcing
bull Loan loss amp delinquency control systems
bull CUSO consultingbull Regulatory compliance
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Compliance
62
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Due Diligence ndash Lending Compliance
63
Financial Institutions Group
bull Determine whether loan product features will change in a manner that adversely affects consumers
bull Ensure proper notification for variable-rate (VR) adjustments on VR mortgages
Truth in Lending ndashRegulations Z
bull Provide the appropriate Servicing Transfer notice
bull Maintain escrow account administration
Real Estate Settlement
Procedures (RESPA) ndashRegulation X
bull Determine the impact on HMDA reporting for the surviving institution
Home Mortgage Disclosure Act
(HMDA) ndashRegulation C
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Due Diligence ndash Lending Compliance
64
Financial Institutions Group
bull Identify Mortgage Loan Originatorsbull Update employeremployee information in
registry within 60 days of change
Secure and Fair Enforcement for
Mortgage Licensing (SAFE ACT)
bull Conduct a comprehensive Fair Lending review to ensure the acquired loans reflect consistency in pricing and underwriting no impermissible steering practices
Fair Lending Regulations
bull Provide updated Negative Information notice disclosures when necessary
Fair Credit Reporting Act (FCRA)
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Due Diligence ndash Lending Compliance
65
Financial Institutions Group
bull Identify covered loans and ensure adequate insurance coverage
bull Notify the Federal Emergency Management Agency (FEMA) of change in servicer
Flood Insurance
bull Provide the appropriate Servicing Transfer notice bull Maintain escrow account administration including
bull Determine if any foreclosure proceedings are in process or if foreclosure is necessary after the transaction Provide required notices to ldquoqualified tenantsrdquo
Protecting Tenants at Foreclosure Act
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Due Diligence ndash Deposit Compliance
66
Financial Institutions Group
bull Determine whether terms features will change and provide applicable Change in Terms notices
bull Continue to provide periodic statements with accurate customized information (if applicable)
Truth in Savings ndashRegulation DD
bull Identify changes in terms and provide notification within regulatory timeframes
bull Consider overdraft payment opt-in requirements for newly acquired customers
Electronic Fund Transfer ndash
Regulation E
bull Identify changes in funds availability policies and ensure compliance with Regulation CC
bull Ensure transaction processing cut-off timeframes are coordinated and properly disclosed
Expedited Funds Availability Act (EFAA)
ndash Regulation CC
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Due Diligence ndash Other Compliance
67
Financial Institutions Group
bull What credit union wide system will be usedbull Money services business
Bank Secrecy Act (BSA)
bull Consider the adequacy of disclosures to consumers regarding changes to account terms
bull Consider potential impacts on customer accounts converted to accounts without the same benefits
Unfair or Deceptive Acts or Practices
(UDAP)
bull Determine if the acquired bank collects debt for third parties and the scope of that function
Fair Debt Collection practices
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Due Diligence ndash Compliance Resource
68
Financial Institutions Group
Click on Embedded PDF
Source for compliance slides ldquoMergers and Acquisitions A Compliance Perspectiverdquo
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Whatrsquos our Role Guidelines
69
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
WOR Guidelines
bullGuidelines may need to be appropriately paired back for credit unions below 1 billion in total assets
70
Financial Institutions Group
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
WOR Guidelines - Partner
Compliance Functionbull Strategic partner to senior
leadership and business
bull Engaged upfront by business unit leadership
bull Consulted by senior leadership in identified opportunities
bull Collaborate with internal audit to identify and cover risks
71
Financial Institutions Group
Internal Audit Functionbull Audit Committee
bull Proactively provide input on risks related to critical company initiatives
bull Provide value by reporting on risk and controls by setting out the facts risks and implications
bull Jointly with compliance assess group-level risk - Coordinate risk management plansprojects when possible
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
assessment processes with internal audit risk assessment where possible
bull Review ldquohot topicrdquo risks together to determine whether in compliance or internal audit scope
bull Work together across ERM other ldquolines of defenserdquo and internal audit to build common risk framework
Internal Audit Functionbull Include compliance function as
part of annual risk assessment
bull Discuss key areas of risk assessment with compliance
bull Share and obtain feedback on assessments of risk
bull Reduce the risk of duplication of efforts
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
WOR Guidelines - Monitoring
73
Financial Institutions Group
Compliance Functionbull Identify overlap with IA and
areas that are more appropriate for continuous monitoring
bull Collaborate with IA to develop metricsreports for monitoring deficiencies identified
bull Meet with IA to review metrics to find areas that may require ldquodeeper diverdquo audit
Internal Audit Functionbull Coordinate with Compliance to
bull Identify new areas of risk
bull Discuss issues and concerns
bull Discuss upcoming reviews to ensure efficiencies
bull Formalize process of communicating compliance issues with compliance so that compliance can assist in root cause analysis and corrective action
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
WOR Guidelines - Audits and Reviews
74
Financial Institutions Group
Compliance Functionbull Identify opportunities to
perform integrated assessmentsaudits with IA
bull Collaborate during development of compliance and IA annual auditreview work plans
bull Develop and implement complimentary communications when performing integrated audits
Internal Audit Functionbull Look for opportunities to perform
integrated audits
bull Utilize compliance as resourced during fieldworkplanning
bull Use compliance to develop a more holistic view of risk and increase audit efficiency
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
WOR Guidelines - Reporting
75
Financial Institutions Group
Compliance Functionbull Align more closely with
internal audit to drive a common definition of risk and use similar risk language with leadership
bull Include IA in meetings to facilitate information sharing and a coordinated approach
bull Coordinate with IA when needed for meetingsreporting
Internal Audit Functionbull Navigate the audit committee by
providing understanding of sources and coverage of risk
bull Conduct routine coordination and communication between legal compliance ERM
bull In order to appropriately and proactively navigate the audit committee by providing understanding of sources and coverage of risk
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Whatrsquos our role - Source
76
Financial Institutions Group
Click on Embedded LinkPWC ldquoIntersection of Internal Audit and Compliance (2018 Compliance Institute 708)rdquohttpswwwslidesharenettheHCCAintersection-of-internal-audit-and-compliance-2018-compliance-institute-708rdquo
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
Whatrsquos Our Role Conversation
Internal Auditbull Improve business and
financial controls recommendations to drive change
bull Reviews risk management and control and governances processes
bull Provide unbiased and objective view
77
Financial Institutions Group
Risk Managementbull Helps set
organizational strategy to mitigate loss
bull Protects institution from legal liability by serving to protect the member
bull Global
Compliancebull Identify risks and
deploy resources accordingly
bull Promote acting legally and ethically mitigate compliance risks
Managing Organizational Risk The Mighty Triad of Internal Audit Compliance and Risk Management httpswwwslidesharenetPYAPCmanaging-organizational-risk-the-mighty-triad-of-internal-audit-compliance-and-risk-management
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
copy Doeren Mayhew All rights reservedStrategic Advisory
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past
Current Industry Merger Rationale - Qualitative
Source Credit Union Times Magazine
Slide Number 1
Slide Number 2
Slide Number 3
Slide Number 4
Slide Number 5
Slide Number 6
Slide Number 7
Slide Number 8
Slide Number 9
Slide Number 10
Slide Number 11
Slide Number 12
Slide Number 13
Slide Number 14
Slide Number 15
Slide Number 16
Slide Number 17
Slide Number 18
Slide Number 19
Slide Number 20
Slide Number 21
Slide Number 22
Slide Number 23
Slide Number 24
Slide Number 25
Slide Number 26
Slide Number 27
Slide Number 28
Slide Number 29
Slide Number 30
Slide Number 31
Slide Number 32
Slide Number 33
Slide Number 34
Slide Number 35
Slide Number 36
Slide Number 37
Slide Number 38
Slide Number 39
Slide Number 40
Slide Number 41
Slide Number 42
Slide Number 43
Slide Number 44
Slide Number 45
Slide Number 46
Slide Number 47
Slide Number 48
Slide Number 49
Slide Number 50
Slide Number 51
Slide Number 52
Slide Number 53
Slide Number 54
Slide Number 55
Slide Number 56
Slide Number 57
Slide Number 58
Slide Number 59
Slide Number 60
Slide Number 61
Slide Number 62
Slide Number 63
Slide Number 64
Slide Number 65
Slide Number 66
Slide Number 67
Slide Number 68
Slide Number 69
Slide Number 70
Slide Number 71
Slide Number 72
Slide Number 73
Slide Number 74
Slide Number 75
Slide Number 76
Slide Number 77
Slide Number 78
Slide Number 79
Slide Number 80
copy Doeren Mayhew All rights reservedStrategic Advisory
80
From 1990 and Q1 2015
28 50 80
US Population Number of Credit Unions Credit Union Membership
Why it mattersThis data strongly suggests that by creating economies of scale within the industryFewer credit unions were able to do a better job in the areas of service branding and generating public awareness than was the case during the segmented history of the industryrsquos past