Here is a link, but the key takeaway is that AML, IT Security, and ID Theft Red Flags Feature at the TOP of their list.

Training and Audits
The examiners want policies and procedures, but also want to ensure that internal audits and training have taken place. Our Anti-Money Laundering (AML) and Cyber Security/Red Flag Audits and Training can help with this process.
Additional Requests
Often, companies decide that the requests are straightforward enough, and respond on their own. Michigan DOES NOT allow you to amend your submissions, so anything that is deficient will end up on your report and require a formal response. We do this as part of the audit prep service, but as you have often heard, it's much easier to keep the toothpaste in the tube than put it back in.
