6 banking trends and their impact on internal auditing

6 banking strategies and their impact on internal auditing

Credit risk, new regulations, and operations risk management should be on banking internal auditors’ radar in 2024.

As credit, regulations, customer demands, and technology evolve, internal audit teams continue to play a key role in highlighting emerging risks before incidents arise. By tracking shifts in banking strategy and operations, internal auditors can establish priorities requiring heightened review while consulting on process modernization plans.

The following observations illuminate key areas financial services organizations should consider monitoring in contexts ranging from credit risks to data integrity in 2024.

As your bank’s internal audit needs evolve, we’re here to help

Get in touch to learn more about the resources and expertise we offer.

Explore our services

Credit risk management has returned to fundamentals

The era of cheap money ended in 2023 as the cost of debt climbed. During this same period, economic activity showed signs of slowing. With higher interest rates expected to continue and with the anticipation that more delinquencies might surface in portfolios, internal audit teams should refocus on credit risk fundamentals.

Tightening financial conditions in certain pockets of the market combined with expectations for weakened loan demand signal a potential lending slowdown. Additionally, more time might be dedicated to identifying and working through situations when borrowers show signs of strain. As banks experience the effects of clients’ higher borrowing costs, refinancing risks will persist, even if rates subtly decline over the next few quarters.

To mitigate heightened credit risks, internal auditors should thoroughly review existing risk management frameworks to confirm they remain fit for this environment. Testing credit portfolios to identify nonperforming assets and assess overall asset quality is equally crucial, as regulators will expect assurance in these traditionally high-risk areas. Internal auditors should also evaluate the strength and rigor of their loan review function as well as allowances for loan losses given indicators of deteriorating credit health among specific borrowers.

Even as economic tides shift, the fundamentals still apply. Internal audit’s attention to areas like credit risk models, portfolio stress testing, concentration management, and impairment forecasting can help uphold the integrity of bank financial reporting and risk mitigation through market fluctuations. Proactively engaging business leaders on smarter lending strategies for the road ahead is prudent as well.

Regulations and stringent bank audits likely will increase

The current regulatory landscape emphasizes governance, prudential policy, and recovery planning amid recent financial volatility. Disclosure requirements steadily expand beyond public companies. This intense regulatory focus demands more formal, accurate reporting processes from organizations.

For internal audit teams, heightened scrutiny reinforces the need to champion cultures of integrity. Investing in robust quality control systems and misconduct prevention can preemptively protect financial services organizations. As regulators press for resilient risk management and internal controls from banks themselves, internal auditors must lead by example. Honing data governance strategies, vetting third parties, and evaluating cybersecurity controls are key steps in demonstrating regulatory readiness.

Internal auditors should prepare in advance for heightened scrutiny. Regulators will expect doubled efforts from internal audit functions to uphold compliance standards, provide transparent documentation, and coordinate policy management.

With market unrest projected to continue, internal audit teams can stand as a line of defense through volatile times ahead. Their integrity and willingness to evolve might be tested, but banking and financial services organizations need to be able to rely on trusted internal audit teams to safely guide difficult decisions in equal measure.

Technology regulations likely will expand

As regulatory technology gains momentum in financial sectors, its projected expansion underscores regulators’ embrace of automation for oversight efficiency. Back-office process optimization through technology has become pivotal in streamlining compliance. For internal auditors, grasping regulators’ own technological evolution is key to advising on sufficient controls.

Regulators increasingly monitor through advanced algorithms versus manual reviews alone. To preempt compliance gaps, internal audit teams should assess how organizations stay apprised of emerging regulatory technologies while adjusting existing systems accordingly.

Establishing controls that evaluate new regulations’ impacts on technological development and deployment – particularly in the arena of artificial intelligence (AI) – can help future-proof adherence as regulatory expectations for sophisticated data management and analytics climb.

However, clinging to aging or complex legacy IT also poses regulatory compliance risks for financial services organizations from data protection laws like the California Consumer Privacy Act and the General Data Protection Regulation to industry governance standards. Confirming that technologies facilitate rather than obstruct transparency, reporting accuracy, and strengthening data security help internal auditors reassert the relevance of tech-forward governance. Manual processes might enable errors or hide noncompliance in a way augmented regulatory technology doesn’t.

As algorithms and automation indicate the future of regulation and business enablement, internal audit teams should champion innovative governance efforts.

Evolving operations and compliance approaches will test auditor agility

aving robust processes to handle areas such as AI, sanctions, and operational resilience is pivotal.

As banking and financial services operations management teams balance revenue generation and costs amid economic uncertainty, a shifting compliance landscape demands even closer coordination with internal audit teams.

With standards moving from technical evaluations toward outcomes-based measures, financial services organizations must demonstrate effective risk management of immediate and emerging exposures. Having robust processes to handle areas such as AI, sanctions, and operational resilience is pivotal.

Because customer satisfaction increasingly drives purchase decisions, operations teams should focus technology investments on experience analytics and friction reduction. However, new competitive dynamics between banking and private capital also signal more regulatory attention to independent risk functions. Internal auditors should prepare to validate risk management effectiveness and supervisory agility. Rather than sticking to rigid audit plans, teams should be able to respond quickly to ever-evolving risks.

Recent bank collapses also might spur deeper operational audits from regulators. This environment reinforces internal audit’s need to take a proactive stance in assessing process gaps and control deficiencies. Collaborating with operations leaders to balance innovation pace and governance maturity is key to optimizing consumer impacts and organizational resilience alike. Although differing mindsets exist between functions, shared diligence can strengthen infrastructure integrity.

With risks leapfrogging elongated review cycles, internal auditors must refine methodologies that uphold compliance despite economic, technological, and supervisory turbulence. Proactively testing key exposure areas – such as sanctions, data, emerging tech, and outsourcing – can preempt urgent regulatory demands. Additionally, internal auditors should highlight operations wins as well as gaps to reinforce unified cultures of trust and transparency within the organization.

Fair lending practices are becoming fairer

Major updates to the Community Reinvestment Act of 1977 have modernized compliance expectations regarding financial services organizations’ online offerings and commitment to broad consumer access. As amended rules expand requirements, they also serve as a reminder that banks must proactively confirm that lending practices reach all demographics without discrimination.

Advanced risk prediction through AI and expanded data reporting per Section 1071 of the Dodd-Frank Wall Street Reform and Consumer Protection Act can help organizations conduct responsible and inclusive lending. Although reporting burdens will grow, standardized machine learning models and data set submissions can better support fair access to credit.

By leaning into these changes, banks can future-proof their compliance footprint and expand customer bases at the same time. With home ownership gaps and small business capital access still requiring attention, innovative lending practices present ample opportunity for social and economic returns. Internal auditors play a pivotal role in checking that technology, operations, and reporting have appropriate governance controls to uphold this vision for fairer lending.

Data management rigor is critical for audit functions

As organizations confront exponential data volume and complexity growth, cloud-based storage and computation present opportunities as well as new vulnerabilities. Developing coherent data strategies across distinct regulatory environments is critical, yet challenging.

For internal auditors, maturing data governance and management controls provides one avenue to drive value amid turbulence. Specifically, applying tailored testing approaches for IT asset management, reporting tools, and cloud change risks allows auditors to uphold compliance despite technological uncertainty.

Harmonizing definitions and ownership as part of enterprise data governance can help bring order to chaos. Moving beyond siloed data policies empowers more holistic, proactive issue identification before incidents emerge.

With data’s dominance as an emerging risk and a competitive differentiator unlikely to abate, internal auditors should spotlight governance gaps before regulators do. Robust controls enable smooth operations and decision-making, and they help distinguish the internal audit function as a trusted strategic adviser on data integrity. Wielding data-driven insights in service of organizational resilience will remain integral to protecting economic stability and regulatory compliance in the years ahead.

Crowe offers experienced guidance for your compliance journey

The financial services landscape evolves in the blink of an eye, creating ongoing challenges for internal audit teams.

Crowe specialists can work with your organization to help it stay ahead and move confidently while navigating regulatory and industry concerns through ever-demanding environments.

Related insights