Audit and Information Technology

Ensuring effective internal controls and preparation for the unexpected

Proper financial controls are at the heart of every great financial institution. M&M Consulting has been performing audits of community financial institutions since 1996. Our team is experienced; most of our staff members have worked for institutions as well as for third party auditors, so we know how to give practical advice that can be implemented quickly and efficiently.

M&M has helped financial institutions maintain proper checks and balances since 1996 with a team of auditors trained in adding value to the client’s operations. We are independent auditors but we are also strategic partners to help build strong foundations for healthy institutions. We care deeply about striking the right balance between efficient operations and sound financial controls.

Our Audit Services include:

SOX and FDICIA Control Assessments and Testing

The FDICIA act requires all institutions greater than $1 Billion in assets to adopt a framework of internal controls.  M&M Consulting has worked with many institutions to be ready for FDICIA compliance as they approach and surpass this milestone.  Read more about M&M’s approach to FDICIA compliance here.

Assistance with COSO 2013 Implementation

Changes to the COSO framework adopted in 2013 require changes to the way institutions approach internal controls compliance under Sarbanes Oxley. M&M has assisted several institutions to become compliant with the changes required by COSO 2013.

Preparation of Independent Risk Assessments

M&M works with its clients to prepare independent risk assessments and then compare them to the risk assessments prepared internally. Through discussion of the high risk areas identified by M&M and comparing them to the high risk areas identified by management we arrive at a more comprehensive, risk-based framework from which to develop the Audit Plan.

Asset and Liability Management

ALM Management is often cited as the most critical risk for an institution to manage, particularly in this period of unusual interest rate activity. M&M validates the assumptions used in the ALM Process, reviews accountability of third party vendors, and back tests the assumptions in the interest rate model with actual results.

Enterprise Risk Management program compliance

M&M Consulting has worked collaboratively with clients to ensure compliance under even the most robust Enterprise Risk Management programs, leading to timely monitoring and review of key performance indicators under the institution’s ERM program.

Information Security including GLBA

M&M Consulting can provide a comprehensive audit of the adequacy of governance and administration of technology policies and procedures, authentication and access controls, data security at the device, network and host level, encryption, physical security, business continuity planning, and vendor management oversight.

Board and Audit Committee Presentations and Training

M&M has provided guidance and training on the risk-based audit model and methodologies for two decades. We can provide timely reporting and tracking of audit issues and exceptions, as well as periodic board training required under the institution’s training program and best practices based on our field observations of other institutions.

M&M Consulting's Secure Portals

Protecting the present while assuring the future.  Our team of IT experts work to make sure all client information sent through a portal is secure. Every day our IT staff strive to provide prompt, timely research on new ideas and innovative concepts to insure the safety of your client’s information.


Internal Controls Audits for:

Finance and Accounting

M&M Consulting has two decades of experience auditing the financial nerve center of the institution, its Finance Department and its accounting function. Our audit programs are tested over time and reviewed by all of the major regulatory bodies on a frequent basis.

Wealth Management

M&M Consulting performs audits of wealth management activities for clients, including trust administration, wealth management operations, accounting and record keeping, custody, ERISA compliance, governance by trust committees, and monitoring of illiquid assets such as real estate.

Lending Activities

M&M’s audit programs work to review all of the various components of the lending function (originations, documentation, servicing) to ensure comprehensive strong internal controls.

Retail Banking

M&M can assist with branch audits, review of the branch administration function, and comprehensive review of deposit operations.

Electronic Banking and Wire Transfer

In this era of high risk electronic transfers, M&M’s audit programs cover financial controls related to the wire room and the monitoring of ACH originations.

Insurance and other Financial Services

The services provided by the institution to generate Non-Interest Income can sometimes be overlooked for strong financial controls, as it is assumed that the broker/dealer or the insurance carriers are managing the internal controls. M&M can assist in determining if the controls by both the institution and its third party partners are sufficient.

Human Resources

Let M&M help with periodic audit of the HR function, including file review, review of the institution’s employee benefits programs, and policy and procedure best practices.