Your message has been sent, thank you!

Print the page

Risk Management

Taking the holistic approach

Risk Management

Internal Audit

Five major drivers

Internal Audit

Islamic Banking and Finance

Interpretation & Implementation

Islamic Banking & Finance


Banking Regulation and Business


Treasury and Capital Markets

Market and Liquidity Risk

Treasury & Capital Markets

Financial Crime

Don't be scared, be prepared

Financial Crime

Please contact us for more information:

Dennis Cox

Risk Reward Limited

T. +44 (0)20 7638 5558

F. +44 (0)20 7638 5571

Click here for the Internal Audit Brochure   Click here for the Internal Audit Brochure

Internal Audit

As specialists in Bank Internal Audit we are seeing the global redevelopment of internal audit as it transitions to meet the demands posed by the revised BIS expectations which include auditing efficiency.

There is no question that changes in regulation have resulted in banks and insurance companies requiring a refresh and reconnect of Internal Audit to the Board, to serve as a risk mitigating function of importance. Whether driven by Basel 2.5 /III or Solvency II, risk management and internal audit are working ever more closely together. This is Risk Reward’s most noted area of expertise.

What do we see as the current top five challenges facing Bank Internal Audit? 

  1. Auditing Corporate Governance has become a major concern for regulators who are seeking additional assurance regarding the operation of Boards, Committees and the effectiveness of executive and nonexecutive directors. Due to the sensitivity and profile of such an assignment the involvement of an external resource is generally welcomed.
  2. Auditing Internal Audit because The Basel Committee on Banking Supervision has for the first time established the principle that the internal audit function within banks should be assessed for its effectiveness. This independent assessment is to include the integrity, capability and professional competence of internal auditors, the scope of their work, their assessment of the Board and the Governance Framework, as well as their oversight of other functions such a Risk Management, Compliance and Finance.
  3. The Auditing of Enterprise Risk Management has also raised in importance due to concerns over data quality. This is because each risk area is led by a subject matter expert, the requirements are complex and there is significant use of judgement which rarely leads to consistent enterprise risk management. Internal Audit is forced to enhance its skills and be able to audit what it should see as opposed to what is does see.
  4. The Internal Audit of Models and model validation departments which requires a level of mathematical skills often not available within internal audit . Models exist in various parts of a firm including credit risk, market risk, treasury, strategy and pricing and all of these require auditing.
  5. The Phased Implementation of Basel III because this is now being implemented in the US (under Dodd Frank) as well as in the rest of the world. With Basel III comes a new determination of the calculation, allocation, management and adequacy of capital and liquidity within banks, all of which must be included in the scope of the internal auditor’s work, with that work itself now made subject to regulatory assessment. It also changes the way business will be conducted in the future.

We hope you and your Internal Audit management and teams will find something of interest within our service offerings, whether a short-term, small single audit project, a major change programme or even a single training course. Please be assured that high-quality, service excellence and good value are what we are known for, and have been for more than 10 years.

Why not challenge us to add value to your internal audit department?


Here are some examples of recent bank internal audit solutions to the challenges outlined.

In Kenya an Internal Audit team was seen as failing by its Audit Committee. Our Consultants reviewed the audit function against the BIS sound practices paper and trained the auditors on risk based auditing and writing audit reports. We also developed training for members of the audit committee to enable them to understand their roles and recommended a restructuring of the audit function.

An accountancy firm with offices in a major off-shore market asked our bank internal audit team to help them with audit training for their own consultants who in turn were providing internal audit services to their banking and finance clients. When the costs to train their own team came under discussion we suggested that the firm ‘host’ this internal audit training and make it available to their clients locally on a discounted commercial basis (where such technical training was quite rare). More than 20 client organisations attended; the accountancy firm covered their costs, they provided a highly-valued service to their external clients through training (which they could not offer otherwise due to potential conflicts of interest) and even offered a few passes to the local regulator to attend, too.

A Saudi Arabian Islamic Bank required the bank’s internal audit function to be redesigned and realigned to the changes implemented as it became compliant with traditional risk management. Our qualified Islamic banking and finance experts, working in collaboration with the local Shariah board, successfully designed the audit programmes for Islamic credit, risk management and liquidity risk and recoveries.

In Cairo our internal audit experts designed a programme to modernise the internal audit function as part of a risk management culture change initiative. The bank asked us to guarantee that they would see change within their auditors’ behaviour within 3 months. We worked closely with the total C-Suite of the bank to ensure any potential reshuffle of personnel helped in maintaining the bank’s productivity, competitiveness and brand. In collaboration with the Chief Internal Auditor, the Audit Committee, the Senior Audit Managers and newly appointed ‘Champions’, our small in country team were able to redefine the bank’s audit universe, prepare the audit plan using a risk-based approach (treasury, risk management, credit, HR, IT, etc) and write new audit policies, procedures and the manual. We also run an on-going series of practical workshops including how to prepare new audit programmes for the top 10 risk-based areas, how to review the audit findings, develop techniques and solutions to improve presentation of the audit findings, improve negotiation skills with the Audit Committee and implement effective audit writing.

A South African bank asked for training of their internal auditors to audit the Risk Department; within 15 minutes (or as we figured, a run past the water cooler and enable them to go upstairs) we received a call from the Risk Department in the same bank asking for training as they were about to be audited. Naturally, we suggested to the Head of Human Resources’ Training Manager to ‘throw everyone into the pool’ together and delivered a 3-week training programme for all 150 of the combined teams. Later we returned specifically to conduct our view of the ICAAP and run a practical workshop to en sure the bank’s audit team could continue without the need for consultants.


Find out more

Risk Reward’s internal audit services are focused primarily on the Banking and Financial Services industry and we travel worldwide to deliver them. However, we will also provide services for companies in the areas of treasury, governance, financial modelling and risk management audits as well. We accommodate every client’s particular internal audit needs, whether they are in the form of large-scale consultancy and/or training programmes or providing one-to-one training for an individual auditor in preparation for a particular audit assignment.

Risk Reward provides the best trainers and consultants in the business. Our technical and audit experts are professionally qualified with an average of 25 years of practitioner experience, in both developed and emerging markets, acquired through occupying relevant executive roles in their corporate and professional careers.

  • Risk Reward works with our clients in the planning and execution of projects aimed at enhancing the quality and effectiveness of internal auditing. Such projects are invariably oriented towards transforming from compliance based to risk-based audit approaches, achieving a corresponding up skilling and reconfiguration of the audit function and implementing best practice risk based auditing tools and up-to-date techniques.
  • Risk Reward also provides experienced auditors on a co-sourcing basis to work under our clients’ management and direction, to bring a specific technical expertise to the internal audit team, provide additional resources where these are lacking or undertake complete audits.
  • Every training course delivered by Risk Reward is individually customised to meet the particular needs of our clients. Irrespective of the country where our services are provided, our team of researchers ensures that training materials correspond to local and national laws and regulatory requirements.
  • Training can be delivered either at the client’s own premises or in our training facilities in London. A list of our most popular training courses for internal audit appears later in this brochure.
  • Risk Reward Limited has partnered with the Institute of Internal Auditors (IIA) to offer training courses to prepare for the Certified Financial Services Auditor (CFSA) and Certified Internal Auditor® (CIA®) exams. These training programmes combine the leadership of an experienced practitioner with the print and web-based materials to expand your internal audit knowledge and skills and prepare you for the either exam.
  • As most of our projects are delivered in emerging markets our costs are highly competitive and we are committed to giving our clients best value for money at all times.

Expertise, Experience, Professionalism and Rapid Response

We have developed significant expertise in internal audit modernisations having worked with a number of banks that wanted to accelerate their progression to modern, risk-based auditing approaches. These are typically ‘root and branch’ transformations of internal audit functions and, consequently, require that our consultants interact at all levels of the enterprise; audit committee, executive management and internal audit management and staff.

  • Internal audit modernisation aims to optimise audit resource effectiveness through:
  • Definition of the skills requirements relative to a modern risk-based internal audit function and subsequent staff assessment and selection
  • Reorganisation of the audit function through the creation of multi-skilled audit teams to replace siloed structures that have one-dimensional specialisations (credit audit, branch audit, IT audit etc.)
  • Reconfiguration of the audit universe (i.e. identifying areas to be audited) by grouping business functions within auditable units that represent, wherever feasible, end-to-end transaction and product processing cycles
  • Implementation of a risk assessment methodology that measures the relative inherent risk of each auditable unit
  • The prioritisation of auditable units according to their inherent risks and categorisation into high, medium and low risk auditable units, as a basis for the development of a flexible risk based audit plan
  • Design and implementation of risk-based auditing tools and techniques
  • Development of an Audit Charter and Manual that reflect risk-based audit approaches and prevailing standards promulgated by the Institute of Internal Auditors and the requirements of the Bank for International Settlements
  • Development of an in-house communications programme to promote the new image of auditing
  • Training and mentoring audit teams through the early stages of applying the new risk-based audit approaches


In addition to our fulltime professional staff of trainers and consultants we have developed, over the years, an unparalleled network of expert auditors many of whom have particular technical audit specialisations encompassing, for example, IT, Governance, Treasury, Credit, Risk Management and Modelling, Stress testing and Scenario modelling and many other major areas.

For most financial institutions it is not economically viable to retain an audit function that possesses all the technical specialisations it requires over time to satisfy the needs of its audit plan. Similarly, internal audit functions often find themselves in circumstances where they do not have sufficient resources to staff their larger audits due to absences, general staff shortages or as a consequence of assigning auditors to other tasks, such as investigations.

Many of our clients find co-sourcing using Risk Reward’s audit experts the optimal solution in such circumstances. Risk Reward will always be able to find precisely the right resource for any situation.


Risk Reward has a reputation as one of the leading providers of top quality audit training in the world. We have successfully provided financial services audit training to more than 250 institutions including banks, insurance companies, central banks, external audit firms and national regulators.

We have a vast library of courses covering almost every aspect of financial services. Each course is customised to the specific needs of our clients. We are ready to travel anywhere in the world to deliver training or, alternatively, we can host clients at our excellent training facilities in the heart of London.


Non-Executive Director (NED) members of the Audit Committee are required to be proficient in business, strategy, risk, corporate governance and finance all at the same time. They are also required to develop an intimate knowledge of their bank or financial institution and all of the regulatory constrains within which it operates. When these requirements are taken together with the limited timeframe at their disposal, they make the role of an NED very challenging.

Risk Reward Limited can assist NEDs by reviewing audit reports before the meeting of the Audit Committee and providing them with expert feedback and assessment of critical issues; their potential impacts, the questions they raise and whether or not they need to be investigated any further.


We also offer the services detailed below:

  • Audit Report Writing – writing high quality audit reports in English on the basis of drafts (this service is of particular value to audit functions that are required to produce audit reports in English where this is not their first language)
  • Audit Programme Reviews – reviewing internal audit programmes to ensure that they comply with best practice and consider all relevant key risk issues
  • Benchmarking – assessing the internal audit function, benchmarking it against best practice and providing a diagnostic that highlights areas requiring improvement
  • International Branch Compliance – undertaking the internal audit of branches or subsidiaries in the UK of overseas institutions to ensure that they comply with the UK regulations and global best practice.

Risk Reward undertakes Internal Audit training, both in-house and public courses, focusing on the following areas:

  • Certified Internal Auditor® (CIA®) exam Part 1
  • Certified Internal Auditor® (CIA®) exam Part 2
  • Certified Internal Auditor® (CIA®) exam Part 3
  • Certified Financial Services Auditor® – Banking (CFSA®)
  • Certified Financial Services Auditor® – Insurance (CFSA®)
  • Certified Financial Services Auditor® – Asset Management (CFSA®)
  • Auditing Basel II/III and Risk Management for Banks and FIs
  • Auditing the Branch Network
  • Auditing Budgeting, Forecasting and Reporting
  • Auditing Business Continuity Planning
  • Auditing Community Banks
  • Auditing the Compliance Department
  • Auditing Counterparty Risk
  • Auditing Consumer Finance
  • Auditing Corporate Lending
  • Auditing Credit Administration
  • Auditing the Credit Committee and Governance
  • Auditing the Credit Department
  • Auditing Credit Scoring
  • Auditing Derivatives
  • Auditing Excel Spreadsheets
  • Auditing Factoring and Invoice Discounting
  • Auditing Financial Accounting
  • Auditing the Finance Department
  • Auditing Fraud and Money Laundering Deterrence
  • Auditing Governance, Risk and Compliance
  • Auditing the ICAAP
  • Auditing the ILAA
  • Auditing the Implementation of Credit Risk Systems
  • Auditing Internal Controls
  • Auditing to International Audit Department
  • Auditing Insurance Companies
  • Auditing Investment Banks
  • Auditing Islamic Banking & Finance
  • Auditing for Insurers
  • Auditing the IT Department
  • Auditing Management Accounting
  • Auditing Market Risk
  • Auditing Mergers, Acquisitions and Due Diligence
  • Auditing Model Risk
  • Auditing Model Risk/Model Validation
  • Auditing Operations and Processing
  • Auditing the ORSA and CORSA for Insurers
  • Auditing Product Control
  • Auditing Project Finance
  • Auditing Operational Risk
  • Audit of Recovery and Resolution Planning
  • Auditing the Risk Department
  • Auditing Solvency II
  • Auditing Trade Finance
  • Auditing the Treasury Function
  • Auditing Value at Risk Models
  • Bank Internal Audit School
  • Basel III for Internal Auditors
  • Capital Management and Basel For Auditors
  • Compliance Auditing
  • Continuous Auditing using Risk Assessment
  • to Build Audit Programmes
  • Debt Finance for Auditors
  • Dodd- Frank for Internal Auditors
  • Effective Audit Committees
  • Fundamentals of Internal Auditing
  • Internal Audit Quality Assurance
  • Managing the Internal Audit Department
  • Modernising the Internal Audit Function
  • Regulatory Update for Internal Auditors
  • Risk Based Internal Audit for Banks
  • Risk Based Internal Audit for Insurers
  • Value for Money & Performance Auditing
  • Writing Effective Audit Reports

We deliver audit training to regulators and banks globally via trusted and reputable affiliates including government training centres, training companies and directly on an in-house basis.



For more information, a prompt reply and competitive quote solutions please contact:

Lisette Mermod
Tel: +44 (0) 20 7638 5558