RMAI Certified Receivables Management Program Authorized Audit Providers perform third-party compliance audits for businesses applying for and renewing their Certified Receivables Business (CRB) and Certified Receivables Vendor (CRV) designation. This Q&A with Authorized Audit Provider, Corporate Advisory Solutions gives current and future CRBs and CRVs insight into the compliance audit process.

Philadelphia, PA 19103
Website: www.corpadvisorysolutions.com
Contact: Michael Lamm
Phone: 215-717-8719
Email: mlamm@corpadvisorysolutions.com

Visit the following links to find a Certified Business, Certified Individual, and the Certification webpage.

How long have you been an RMAI Authorized Audit Provider?

CAS was among the first auditor partners the program was first announced in December 2013.

What type of business are you in?

Corporate Advisory Solutions provides strategic advisory services specialized in the ARM end-market, including compliance reviews, consulting, valuation and M&A advisory services. RMAI audits are a small but important component of the work we do.

Approximately how many Certification Compliance Audits have you completed?

We typically complete around 3-5 audits a year.

What would you like prospective audit clients to know about your audit services?

Our goal is to build long-term relationships and treat the audit as a collaborative exercise, working together on remediations (if necessary) and using it as a learning experience verses a measure to punish Certified Companies. Given our experience, we have built a refined process that we feel is accommodating and flexible to gather the necessary data in an easy and suitable fashion for the clients we work with. We like repeat clients so we can leverage our pre-existing relationship to add additional insights and streamline the process.

What advice or tips do you have for Certified Receivables Businesses approaching a Certification Compliance Audit?

Since COVID, RMAI permits remote audits if certain conditions are met related to 3rd party audits. Certified Companies need to have completed a 3rd party audit such as an accredited independent Payment Card Industry Data Security Standards (PCI DSS) audit, a Service Organization Control (SOC 2) audit or an equivalent audit within the last 12 months to permit a virtual audit. Virtual audits can be cost efficient and more flexible than an onsite, when permitted.

What are some common deficiencies you see in typical audits?

Outdated policies and procedures related to new audit standards. A common deficiency we come across is the policies and procedures for work-from-home employees and the necessary documents and paperwork that are required. It is best to have ongoing reviews of the newly introduced Standards to confirm compliance and reduce remediation measures during or post the audit.

What is the average time to complete a Certification Compliance Audit?

The process can be fairly involved, but it shouldn’t be overly intimidating as there is material overlap to what other auditors and creditors may be requesting from a Certified Company. The earlier you engage an auditor the better and easier your life will be. The process can typically take around 1 month to complete between the data request, onsite, follow-ups and write-up.