Beyond The Numbers

Co-sourced Internal Audit

We focus on providing Outsourced or Co-sourced Internal Audit, SOX compliance, and other value-added risk management and compliance services. We can supplement a firm’s existing team or provide a fully outsourced approach.

We provide specialized technical skills and personnel and support the in-house auditors who retain responsibility of the internal audit functions. Our capabilities allow our clients to reduce the additional overhead associated with recruiting, training, administrating, facilitating and maintaining downtime. We offer independent external quality assessments, functional and transformation support, program assessments, operational and cybersecurity reviews and vendor assessment and implementation support.

We have highly experienced internal audit specialists who come from varying backgrounds in both operational and audit roles. With expertise and deep knowledge across a variety of industries, we provide a value-added internal audit function that has proven exceptionally effective in maximizing independent auditor reliance on our work.

By employing a multi-disciplinary approach that allows us to engage the right resources for the right situation, our team of experts in internal control, technical accounting, as well as process and efficiencies, all work together to deliver an unrivaled customer experience.

Our internal audit approach includes a vigorous discovery process, which includes benchmarking companies and investigating our clients’ roles in their respective industries. Our team stays in constant contact with our clients to share knowledge about industry issues and trends, SEC changes and any other information we may ascertain on new and relevant developments.

We collaborate with management to create and implement a unique approach to corporate governance controls, SOX Sections 302/404 compliance and other regulatory requirements. We assist clients build out a supporting internal controls framework, while helping them leveraging their existing SOX program to address applicable regulatory requirements. We extend this approach to the operating, technology, software, and process areas to expand SOX into a sustainable business process and have an effective transition plan to minimize disruptions to new clients.

This approach allows us to:

• Provide unique insight, value, and leading practices for SOX compliance
• Offer “outside the box” recommendations to reduce cost and improve the process
• Consider the emerging risks and current economic environment when developing the right SOX compliance approach
• Coordinate compliance with independent external auditors to fully understand the internal controls over financial reporting
• Foster a relationship that maximizes reliance by the company’s independent auditors on work performed by internal audit
• Develop templates that improve the efficiency of the SOX compliance function
• Deliver flexibility and responsiveness to the changing needs of organizations

The Japanese have developed a Sarbanes-Oxley like requirements for Internal Controls over Financial Reporting for their public companies. We have assisted clients to meet the requirements. Our approach to Japanese internal control compliance or J-SOX reflects our experience across a broad range of industries. Our methodology is predicate on a top-down comprehensive and risk-based approach, which allows us to focus efforts on the most critical activities and enable us to provide a cost-effective solution to clients. Throughout the process, we leveraged our technology solutions to increase efficiency of control testing as well as to provide real-time results to stakeholders. Any opportunities for improvement, such as streamlining operations that would result in cost savings, are part of our overall J-SOX strategy and relayed to management in our findings.

Whether you require a full implementation and maintain your J-SOX program or are seeking assistance with control testing, we are flexible and will tailor our services to meet your needs.

Being prepared for the demands placed on a public company prior to an Initial Public Offering (“IPO”) is crucial. Our team provides IPO readiness services to ensure that the presentation of financial statements and other financial data meet all disclosure requirements. Typically, pre-IPO companies need to create an organizational and back-office infrastructure with the appropriate internal control and regulatory compliance structure required for publicly traded companies, including:

• Effective corporate governance policies and procedures
• Optimized organizational structure and effective processes to support future growth
• Efficient and effective policies and procedures with appropriate internal controls
• Complete and accurate financial statements prepared on a consistent and timely basis
• Robust financial and reporting systems
• Comprehensive compliance structure to support regulatory requirements (i.e., SOX compliance)

Services include:

• SOX Readiness, including coordination with independent auditors
  • Financial controls review coupled with the design and implementation of internal controls

• Foreign Corrupt Practices Act (“FCPA”) compliance

• IPO Process Project Management

• Corporate Governance
  • Audit Committee Charter
  • Whistleblower Policy and Hotline
  • Examination of organizational processes and policies
  • Creation of an Internal Audit function (NYSE requirement), including the development of internal audit charter, internal audit manual, and policies and procedures
  • Development of governance policies

• Business Process Improvement
  • Business process assessment and design, including the creation of financial reporting and the quarterly/annual close process

• Technology Assessment
  • Assess the company’s financial and reporting systems

Enterprise Risk Management (“ERM”) is the process of managing the activities of an organization to minimize the risk of its strategic initiative’s capital and earnings. ERM includes risks not only associated with accidental losses but also with financial, strategic, operational and compliance issues.

The Corporate Governance Benchmarking and Best Practices services focus on helping clients assess and develop an understanding of how the board and senior management executes its responsibilities, including new strategic vision, and become more effective and efficient.

We have deep experience performing risk assessments to guide clients through the entire ERM process. We work closely with our clients’ management teams to perform risk assessments and design custom solutions.

A risk assessment is the basis for an effective internal audit strategy. A well-thought-out strategy helps companies not only prioritize the internal audit efforts but also reaches corporate strategic goals, improve profitability, manage risks, and identify compliance needs to meet governmental regulations and applicable laws.

The COSO 2013 Framework requires companies to consider the potential for fraud in assessing risks to the achievement of its objectives. In evaluating the risk of fraud, companies are required to consider various types of fraud, such as incentives and pressures, opportunities, attitudes, and rationalizations. Our team:

• Identifies the wide-ranging types of frauds
• Identifies examples of specific fraud schemes for each type of potential fraud
• Identifies the company’s activity-level and entity-level controls
• Assesses the relative probability and potential magnitude of the identified types of fraud
• Assists with the design of potential enhancements to help mitigate the risk of fraud

Process and Systems Optimization involves the assessment of people, processes, and technology from a strategic perspective. We assist our clients design sustainable and effective processes to maximize opportunities.

We work with businesses of all sizes across a variety of industries to assess cost structures, outsourcing, and co-sourcing needs, internal controls, workflow, task allocation, post-merger integrations and/or business performance. Creating an optimized business model with maximum efficiency is our focus.

IT compliance is an integral component of every internal audit process and is managed by an experienced Technology Advisory Services team who:

• Assess IT risk and develop IT audit plans
• Design IT Governance Structures and Processes
• Document and test IT General Computer Controls and Computer Application Controls
• Review and assess SOC reports, control exceptions, and client control considerations
• Assess the control adequacy of IT Policies and Procedures
• Evaluate the appropriateness and effectiveness of the IT Governance Model, IT Organizational Design, and IT Segregation of Duties
• Identify internal control requirements, monitoring control performance, and reporting on control compliance of IT change projects

As an integral component of a company’s risk management framework, the regulatory compliance program is a company’s means for adhering to the laws, regulations, and guidelines which are relevant and critical to its operations.

We work with financial institutions to develop, execute, and support economical regulatory compliance programs. By offering an efficient, risk-based approach to managing your compliance endeavors, our top priority is to assist our clients safeguard stakeholder value and protect the value of the company’s brand and reputation.

Our clients:

• Benefit from the deep expertise of our professionals who are highly experienced accountants, auditors, risk managers, and consultants
• Realize the advantages of solutions tailored specifically to individual size and needs
• Experience immediate results based on our extensive knowledge base of industry-leading best practices
• Gain access to experts across compliance, legal, risk management, and audit disciplines
• Provide clients, regulators, leadership, and the board with excellence and personalized service