CPA Gilberto Rivera, VP Compliance and Operational Risk

Presentation transcript:

Tools and Techniques for Internal Auditors and Compliance Officers in External Evaluations CPA Gilberto Rivera, VP Compliance and Operational Risk at Reliable Financial Services, a subsidiary of Wells Fargo

Agenda
- Overview
- Compliance Officer & Internal Auditor Responsibilities
- Compliance Officer & Internal Auditor working together in external evaluations
- Tools and techniques to prepare external regulatory evaluations
- Conclusion
- Questions

Overview
- Understand the functions of internal audit and compliance.
- Acquire tools and techniques to prepare for and respond to external regulatory evaluations.

Compliance Officer & Internal Auditor Responsibilities
Similarities:
- Perform risk assessment procedures to evaluate the effectiveness and efficiency of operations.
- Communicate findings and provide recommendations to Management to guarantee compliance with internal controls, policies, and applicable laws and regulations.
- Perform ongoing monitoring and follow-up to ensure remedial actions have been taken.

Compliance Officer & Internal Auditor Responsibilities
Main Differences:
Internal Auditor:
- Reviews the reliability and integrity of financial reporting and internal controls
- Ensures the safeguarding of assets
- Reports directly to the Audit Committee or Board
- Must be independent from the operation
Compliance Officer:
- Focused on compliance with laws, regulations, and policies
- Obtains and/or establishes policies and procedures
- Reports directly to Management
- Liaison with external regulators and auditors
- Limited independence

Working Together in External Evaluations
Both Compliance Officers and Internal Auditors collaborate as part of the lines of defense an entity should have.
- First line of defense (Operations): accountable for executing controls for regulatory compliance risks associated with business operations on a day-to-day basis.
- Second line of defense (Compliance): responsible for independent oversight of the first line of defense, by ensuring that regulatory compliance risks are properly identified, mitigated, tested and reported.
- Third line of defense (Internal Audit): provides an independent assessment of the first and second lines of defense and reports directly to the Board of Directors or Audit Committee.

Working Together in External Evaluations
- Know and stay aware of new standards and regulations, and assess their impact on operations.
- Understand well the high-risk areas subject to the external evaluation.
- Collaborate with external auditors or regulators (SAS 128 for internal auditors with regard to financial statement audits).

Tools and Techniques to Meet External Regulatory Evaluations

Tools and Techniques
Know the inspection process in advance
- Understand well how the evaluation process is conducted.
- Obtain the examination manual or inspection checklist directly from the regulatory or governing agency.
- Industry associations and other groups may provide compliance and audit guidelines.

Tools and Techniques
Self-assessment is essential for success
- It is essential to have a sound internal audit and compliance program.
- Companies should perform internal compliance audits regularly and proactively correct any deficiencies.
- Remember that outside auditors will look closely at the internal audit and compliance processes.

Tools and Techniques
Consider using a subject matter expert
- Some entities may not have an in-house expert to handle specific business functions.
- Independent third-party compliance auditing firms, tax lawyers and others can help close any gap.

Tools and Techniques
Be proactive about changes in the industry
- Being "static" is one of the biggest threats to compliance, because compliance is not static; it is a "moving target".
- External evaluators will probably tailor their inspection to ensure that any new regulations are accommodated.

Tools and Techniques
Read the news
- Be alert to problems within your industry or business environment.
- Read the news.
- Subscribe to automatic alert services:
  http://www.consumerfinance.gov/newsroom/
  http://www.occ.gov/news-issuanances/index-news-issuances.html
  https://public.govdelivery.com/accounts/USCMS/subscriber/new?topic_id=USCMS_610
  http://www.ocs.gobierno.pr/ocspr/
- Share information with colleagues.
- Some examples:
  Department of Justice decisions on any entity that was fined for inappropriate practices
  Class action suits settled

Tools and Techniques
Demonstrate that you can keep compliance data secure
- Many regulations place security requirements on sensitive data, preventing unauthorized access and safeguarding the data against alteration or destruction.
- This may involve technologies like encryption and firewall products.
- Inspectors will want to verify that aspects of these security requirements are in place and working properly.
- Have policies and procedures in place to address the scheduling of data destruction and storage.

Tools and Techniques
Gather and furnish documentation quickly
- Provide documents quickly; this should be an important focus of your internal process.
- Centralize the gathering and furnishing of information in one or two team members.

Tools and Techniques
Don't ignore the importance of a business continuity plan
- Be sure to have documented your important processes and systems in the business continuity plan.
- Examiners may want to see disaster recovery plans for business units/processes, technology and emergencies.

Tools and Techniques
Bring known issues to the table
- Self-disclose any known issues to the external examiner along with a corresponding corrective action plan.
- Penalties for intentionally hiding issues tend to be higher than those for a self-disclosed issue.

Conclusion
- Although similarities and differences exist between the compliance and internal audit functions, both can help Management achieve their goals within the regulatory and internal control boundaries.
- In facing the examiners, the most important role of the compliance and internal audit functions is to work in collaboration with the external evaluator.

Questions

Reference
"Roles and Responsibilities – Corporate Compliance and Internal Audit" by Mark P. Ruppert, https://www.ahia.org/assets/Uploads/pdfUpload/WhitePapers/AuditCompliance-RolesResp04052006.pdf