picture 1 picture 2 picture 3 picture 4

Governance, Risk and Regulatory Compliance

ICI provides a one stop shop of regulatory compliance, enterprise risk management and corporate governance consulting, audit and outsourcing services. We serve bank and non-bank financial service providers seeking to survive and thrive in the midst of the greatest regulatory upheaval since the Great Depression and during a time of profound financial service innovation delivery.

Our team has well rounded experience as examiners, operators and regulatory policy makers in both the banking and non-banking segments of the market. We are cross certified in regulatory compliance, anti-money laundering, internal audit, information technology, security and fraud.

This multi-disciplinary experience allows us to help clients design and implement compliance and risk management practices that are properly calibrated to suit both the current and prospective regulatory environment. As a result, our clients’ products and services can be launched faster and remain appropriately priced, usable, compliant and of high value to end users.


Our Value Proposition

ICI provides the credentials of a Big 4 consulting practice with a smaller firm’s pricing, high service standards and a belief that every client is critical. As an all in one regulatory compliance and enterprise risk management solution, our clients can realize economies of scale and avoid having to manage multiple compliance vendor relationships.

Our practical understanding of compliance and risk management, from having worked in the industry ourselves, allows us to translate compliance in practical ways that can help clients maintain revenue and save costs. Being attuned to emerging trends and new rules dealing with overdrafts, prepaid cards, mortgage servicing, money laundering, fraud and many other areas, enables us to help clients preserve fee revenue and profitability and lower costs.


Our Consultants

Our team members have an average 30 years experience in the financial industry. Within the group are some of the industry’s foremost authorities on regulatory compliance and fraud, such as:

  • Co-author of several implementation rules within the Bank Secrecy Act.
  • Former Chief Counsel of the Office of the Comptroller of the Currency who has written a book on bank holding companies and has advised dozens of foreign governments on enhancing AML and bank supervisory programs.
  • Former Chief of the FBI’s Financial Crimes Section.
  • Former Chief Strategy and Chief Compliance Officer of a regulated money services business and global payments processor.
  • Former senior banking officers and federally commissioned bank examiners in regulatory compliance, credit risk management, policy, information technology and security.

Who We Serve

Our varied experience allows us to serve a wide spectrum of financial service providers, such as:

  • Banks and Credit Unions
  • Lenders
  • Professional Investors
  • Money Service Businesses
  • Bill Pay Providers
  • Prepaid Program Issuers and Managers
  • Payment Intermediaries
  • Government and Multilateral Agencies

Our Services

We provide an all in one menu of consulting, audit and outsourcing services for bank and non-bank financial institutions. To help our clients keep pace with quickly changing regulations, we offer ongoing training and education as a part of many of our audit and outsourcing engagements. We also offer complementary off site gap analyses to prospective customers who need help with an exam or a regulatory order. We will identify issues and suggest ways to address them in a cost effectively manner.

Representative examples of our service offerings include:

    Compliance Consulting
  • Enterprise wide or BSA Risk Assessments
  • Anti-Money Laundering
  • Create or update compliance, risk management, IT/IS policies and procedures
  • Assist with remedial actions and look back reviews associated with regulatory orders
  • Provide non-legal regulatory opinions and research on strategic matters
  • Assist with strategic planning, operations planning and governance matters
  • Conduct regulatory and loan portfolio due diligence for investors and acquirers
  • Provide expert witness testimony and litigation support
  • Prepare bank business plans and financial projections for regulatory approval of M&A
  • Provide compliance training and seminars to employees and directors
  • Assist with institutional due diligence, investigative intelligence, fraud and FCPA
  • Prepare for bank and money services business federal and state regulatory exams
  • Assist with bank holding company, privacy, contingency planning and capital matters
  • Help with compliance and security aspects of IT assessments and implementations
  • Assist with credit risk management, ALLL and CRE Policy and modeling
  • Provide retainer-based, all-around compliance and risk management guidance
    Audits and Testing
  • Bank Secrecy Act / Anti-Money Laundering
  • Deposit Regulations
  • Loan Regulations (consumer, commercial, real estate)
  • Fair Lending, Community Reinvestment Act and other specialized areas
  • Loan Reviews (safety and soundness)
  • Information Technology / Security
  • Compliance with state MSB financial code
  • Diagnostic Assessments (less than a full audit) for all above subject matters
    Outsourcing
  • BSA/AML compliance administrator
  • Consumer compliance administrator
  • Loan review internal auditor
  • State MSB license administrator

Core Vendor Assessments

  • As part of the business requirements analysis and information gathering stages, we will review and report on the bank’s compliance program, internal audit and risk management programs.

  • We prefer to include bank compliance, information security, internal audit and risk management officers for their perspectives. We have experienced professionals to conduct interviews and serve as a liaison with stakeholders and the project management team.

  • Evaluate priority Technical Service Providers (TSPs) to determine which of them address current and proposed regulatory requirements and level of adherence to industry best practices.

  • We also evaluate recent TSP on-site examination reports by the FFIEC. This includes regulatory violations and compliance rating.

  • In our evaluation of TSPs, we assess compliance monitoring by regulators and determine potential operations, legal, reputation and regulatory risk issues to the serviced organization.

  • As it relates to BSA/AML, loans, mortgages, deposits, payments, investments, credit cards, etc., we will assess how the TSPs/vendors proactively notify their clients of system issues/changes and regulatory compliance status reporting.

  • We will perform a public (web) check to see if there are important TSP/vendor service complaints.

  • We are prepared to assign one of our regulatory technology professionals to test and score functionality. This includes preparing a TSP profile(s) for the organization.

  • As part of the TSP/vendor evaluation process, we encourage the involvement of the organization’s compliance, internal audit, information security and risk management teams. These departments are critical for the required oversight and management of TSPs/vendors with the business units and are an established participant on major systems projects. We are available to represent these areas on the project team, in the absence of available internal staff.

Core Vendor Conversion Process

  • We assist sponsors and members of the conversion project team to assess, manage and mitigate both internal and external risk.

  • Our focus is on regulatory compliance, to ensure that compliance monitoring, detection, reporting and record keeping are in effect and functioning continuously - as directed by management. This includes testing of the organization’s incident response plan.

  • We also cover other related issues, such as: recent mandates on regulatory compliance, risk management, information security, IS governance and internal audit.

  • We participate with the compliance and internal audit teams to evaluate and implement plans to conform existing policies and procedures to new core system’s functionality. We also advise on custom system functionality to support the bank’s risk and compliance programs.

Other Conversion Process Services / Issues to consider

The following apply to both the technical service provider and the institution receiving the contracted services:

  • Evaluate enterprise wide risk management program.
  • Assess effectiveness of IS governance program for the organization.
  • Perform an analysis of recent Audit and Examination reports.
  • Identify data classification and data management practices.
  • Review technology risk assessment of: IS infrastructure, sensitive data handling, systems software and production application systems.
  • Review recent evidence of independent audit of control systems testing.
  • Identify proposed regulations that may impact the organization (ie. multifactor authentication).
  • Determine the level of technology maturity of the organization.
We have the professional staff with the capability to address the above issues and others including:
  • Business Continuity Planning and required testing
  • Disaster Recovery Plans for operations and offsite recovery testing
  • Incident Management Program and reports of tests
  • Forensic audits and research
  • Prepare Information Security policies and procedures (GLBA/SOX/BSA/AML)
  • Advise management on new initiatives and potential security and control implications (Cloud Computing, Authentication Requirements, Data Governance, Regulatory Relations, etc.)