FinTech AML Audit Season is OPEN 😱 Here is how to prepare and why founders should stay out of it!

FinTech audit should NOT be an emergency in your business.

It should be a routine process, where you feel 100% in control and well prepared.

One of the common reasons for compliance project delays  is “we have to prepare for an audit” or “we are in the middle of the audit”. 

Indeed, many compliance teams feel that they constantly have to craft long explanations for regulatory inspections or external auditors. Those audits are often taking away completely disproportionate time and other  precious resources.

When these audits are over, you are often left  with a long list of audit findings (of which 99% you will find ridiculous, formalistic and completely irrelevant), but nevertheless you will have to spend time figuring out what to do about these findings and how to rectify the issues before the next audit, which is another waste of your management efforts. 

So, what if I told you that it is possible

👍 to prepare for any regulator audit within 3-4 hour maximum? 

👍 to know exactly what your audit outcome will be? 

👍 your audit findings list will be very short, sensible and you will actually be able to rectify most issues during the audit and never think about it again!

In short, if you know how to prepare for the audit and focus on the right things, it will not be a paralysing emergency.

Why do I want the CEOs or MDs to stay out of the audit processes?

Let’s say you, as a FinTech CEO, would like to get a favourable audit opinion in the shortest amount of time possible.

After receiving some initial questions and reviewing draft answers prepared by your team, you feel like the audit process is not going to go well, everything looks disturbing and you have an uncontrollable urge to jump in and start driving the conversation and educating everyone about where to focus or how the answers should be.

YOUR AUDIT PREPARATION STRATEGY

1️⃣ Let your compliance person lead the conversation and be a single point of contact for all audit communications. Regardless of what you think of them, most likely they have completed more audits in their professional lives than you, and have a better understanding of how satisfactory answers look like.

2️⃣ Ask your compliance team about the typical audit process and its various milestones, understand the role and the purpose of the engagement letter and the audit scope, the difference between findings and recommendations, how the exchange of information will look like, and what needs to be prepared in advance.

3️⃣ CEO or a founder can assist the team by managing down the cost (or ask your CFO to get involved) – and this is how you can make a difference:

• Get a clear understanding who is going to be involved into the audit team and how many hours they plan to spend. If you see that a senior manager is going to spend 50 hours doing field work analysis, ask to assign a more junior person to do these tasks (because it costs less).
• Ask for a breakdown of the fees based on the activities performed and the seniority of the person who performs the activity. For example, understand how many hours a person expects to spend reviewing one sample case, how many hours they expect to write a report or review your policies. If you see that your auditors are planning to take 20 samples and review each sample account for 2 hours, you have a negotiation opportunity ;-)
• As soon as you get those estimates, you will be able to understand where your auditors plan to spend the majority of their time, how long things may take and which sample sizes they are planning to review - it would give you ample material to challenge the underlying pricing assumptions in a much more constructive way, with data and logic. This way, you can potentially reduce your costs by up to 20%.

4️⃣ When your audit reaches the phase of discussing the initial findings, you can push back. Auditors make up stuff all the time, they need to see you defending your past choices and your policies and your processes, and then they will pull back.  Sometimes (well, most of the times), when auditors make up stuff,  CEO can help by playing the dumbest person in the room and asking “naïve” questions and making innocent comments, such as “Is it really required, why none of our competitors do it”  or “Why do you think this is required, it makes no sense?”

By doing so, you as a CEO will protect the professional standing of your team but at the same time this could be a very effective way of challenging the auditors without making them defensive. Since you are not a compliance professional, you are “just” being curious and asking questions for your personal education only, which is non-threatening for the auditors.

5️⃣ Agree with your compliance team in advance which mistakes and omissions you will let your auditors find quickly. You absolutely need to let them find small and easy mistakes (such as some policies not being updated or some dates missing), or they will keep digging.

To help you implement the above strategies, I have prepared a special  Workshop on How to Prepare for Audits. It is recorded and instantly available. This workshop will teach you how to: 

• Reduce the cost of the audit budget
• Make sure that you know which questions you'll get and how exactly to reply to those
• Only present and prepare the details everyone needs
• Eliminate all “made-up” and “exaggerated”  findings from the final audit report that you will get

Interested? Or do you still want more information?

Check out the agenda HERE. Looking forward to seeing you there!