An audit is a formal review of a person's, company's or organization's financial accounts and statements. A bank audit is a routine procedure that reviews a financial institution to make sure it is in compliance with all regulations and industry best practices.

The 2008 financial crisis revealed many weaknesses in financial institutions' risk management, governance and controls. As a result, the use of quality bank audits has been prioritized to protect American consumers.

The Purpose of the Audit

One of the primary reasons for performing bank audits is to provide an objective evaluation of a bank's business activities, information systems and controls. A financial institution's key areas vary based on the services it offers, the risk of fraud and the complexity of the systems it has in place.

A bank audit should reveal whether a bank has sound, ethical practices that abide by regulations put in place to protect consumers.

Types of Bank Audits

Audits fall into one of two categories: internal or external.

Internal bank audits play the role of risk management and work as part of the ongoing monitoring of a bank's internal controls and financial assessment procedures. These audits assess the competence of a bank's policies and procedures, as well as its compliance with them.

Specific tasks may include reviewing the accuracy of financial statements, evaluating the amount of risk the company is taking on and analyzing how it assesses its capital.

Generally speaking, external audits are preferred for bank audits because it is more likely that the auditors can be objective in observations and reporting if they do not have any direct ties to the organization being audited.

Both internal and external auditors serve the same purpose in that they perform their duties to be assured that the bank's financial statements and operations are free of mistakes and inefficiencies.

However, external audits may be more thorough because the external audit is the sole job of the auditor, whereas employees doing internal audits may have other job responsibilities that get in the way.

Compliance With Regulations

One of the more important parts of the bank audit process involves checking on the compliance of financial institutions. Auditors need to make sure banks are following federal, state and local regulations, as well as their own policies. These regulations are put in place to protect consumers, and violations could endanger people.

If problems are found, bank auditors usually make recommendations to improve the procedures.

Using Substantive Analytics

Auditors use substantive analytics to check a company's financial statements for errors and material misstatements, which is information so incorrect that it misleads individuals who use the data for decision-making. These procedures focus on plausible relationships between financial data and nonfinancial data.

For example, if the number of loans a bank distributed decreases, an auditor expects to see a decrease in interest earned. If this information does not reasonably correlate, it is the auditor's job to identify the reason behind it.

An audit test of controls goes hand in hand with substantive analytics because it tests the controls put in place to prevent material misstatements from happening. If a financial institution's controls are strong, they not only prevent mishaps from taking place, but also detect current inefficiencies.

An auditor who finds an error during a test of controls usually conducts further testing with a larger sample size to see if the issue is systemwide.