Presentation is loading. Please wait.

Presentation is loading. Please wait.

CPA Gilberto Rivera, VP Compliance and Operational Risk

Published byJordan Gaines Modified over 6 years ago

Similar presentations

Presentation on theme: "CPA Gilberto Rivera, VP Compliance and Operational Risk"— Presentation transcript:

1 Tools and Techniques for Internal Auditors and Compliance Officers in External Evaluations
CPA Gilberto Rivera, VP Compliance and Operational Risk at Reliable Financial Services, a subsidiary of Wells Fargo

2 Agenda Overview Compliance Officer & Internal Auditor Responsibilities
Compliance Officer & Internal Auditor working together in external evaluations Tools and techniques to prepare external regulatory evaluations Conclusion Questions

3 Overview Understand functions of internal audit and compliance.
Acquire tools and techniques to prepare and respond to external regulatory evaluations.

4 Compliance Officer & Internal Auditor Responsibilities
Similarities: Perform risk assessment procedures to evaluate the effectiveness and efficiency of operations. Communicate findings and provide recommendations to Management to guarantee the compliance with the internal controls, policies, applicable laws and regulations. Perform on-going monitoring and follow-up to ensure remedial actions have been taken.

5 Compliance Officer & Internal Auditor Responsibilities
Main Differences: Internal Auditor Reviews the reliability and integrity of financial reporting and internal controls Ensures the safeguarding of assets Reports directly with the Audit Committee or Board Must be independent from the operation Compliance Officer Focused on compliance with laws, regulations, and policies Obtains and/or establishes policies and procedures Reports directly to Management Liaison with external regulators and auditors Limited independence

6 Working Together in External Evaluations
Both, Compliance Officers and Internal Auditors, collaborate as part of the lines of defense an entity should have. First line of defense (Operations) – is accountable for executing controls for regulatory compliance risks associated with business operations on a day to day basis. Second line of defense (Compliance) - is responsible for independent oversight of the first line of defense, by ensuring that regulatory compliance risks are properly identified, mitigated, tested and reported. Third line of defense (Internal Audit) - provides an independent assessment of the first and second lines of defense and reports directly to the Board of Directors or Audit Committee.

7 Working Together in External Evaluations
Knowledge and awareness of the new standards and regulations, and assess the impact in the operations Understands well the high risk areas subject of the external evaluation Collaborate with external auditors or regulators - SAS 128 for internal auditors in regards to financial statements audits.

8 Tools and Techniques to Meet External Regulatory Evaluations

9 Tools and Techniques Know the inspection process in advance
Understand well how the evaluation process is conducted. Obtain the examination manual or inspection checklist directly from the regulatory or governing agency. Industry associations and other groups may compliance and audit guidelines.

10 Tools and Techniques Self-assessments is essential for success
It is essential to have a sound internal audit and compliance program. Companies should perform internal compliance audits regularly and proactively correct any deficiencies. Remember that outside auditors will look closely at the internal audit and compliance processes.

11 Tools and Techniques Consider using a subject matter expert
Some entities may not have an in-house expert to handle specific business functions. Independent third-party compliance auditing firms, tax lawyers and others can help close any gap.

12 Tools and Techniques Be pro-active to changes in the industry
“Static” is one of the biggest threats to compliance because compliance is not static, it's a "moving target“. External evaluations will probably tailor their inspection to ensure that any new regulations are accommodated.

13 Tools and Techniques Read the news
Be alert of problems within your industry or business environment Read the news Subscribe to automatic alert services Share information with colleagues Some examples: Department of Justice decisions on any entity that was fined for inappropriate practices Class action suits settled

14 Tools and Techniques Demonstrate that you can keep compliance data secure Many regulations place security requirements on sensitive data, preventing unauthorized access and safeguarding the data against alteration or destruction. This may involve technologies like encryption and firewalls products. Inspectors will want to verify that aspects of these security requirements are in place and working properly. Have policies and procedures in place to address the scheduling of data destruction and storage.

15 Tools and Techniques Gather and furnish documentation quickly
Provide documents quickly and this should be an important focus of your internal process. Maintain in a centralized manner the gathering and furnish of information in one or two team members.

16 Tools and Techniques Don't ignore the importance of a business continuity plan Be sure to have documented your important processes and systems in the business continuity plan. Examiners may want to see disaster recovery plans for business units/processes, technology and emergencies.

17 Tools and Techniques Bring known issues to the table
Self-disclose any known issues to the external examiner along with a corresponding corrective action plan. Penalties for intentionally hiding issues tend to be higher than having a self-disclosed issue.

18 Conclusion Although similarities and differences exists in the compliance and internal audit functions, both can help Management achieve their goals within the regulatory and internal control boundaries. In facing the examiners the most important role of the compliance and internal functions is to work in collaboration with the external evaluator.

19 Questions

20 Reference Roles and Responsibilities – Corporate Compliance and Internal Audit”  by  Mark P. Ruppert, nce-RolesResp pdf

Download ppt "CPA Gilberto Rivera, VP Compliance and Operational Risk"

Similar presentations

Auditing, Assurance and Governance in Local Government

Auditing, Assurance and Governance in Local Government
Lisanne Sison Director ERM Bickmore

Lisanne Sison Director ERM Bickmore
Sodexo.com Group Internal Audit. page 2 helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and.

Sodexo.com Group Internal Audit. page 2 helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and.
Auditing Computer Systems

Auditing Computer Systems
Auditing Computer-Based Information Systems

Auditing Computer-Based Information Systems
The Islamic University of Gaza

The Islamic University of Gaza
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.

Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.
1 Pertemuan 9 Department Organization Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.

1 Pertemuan 9 Department Organization Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Implementing and Auditing Ethics Programs

Implementing and Auditing Ethics Programs
Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.

Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.
WHAT ARE MY AUDITORS DOING?. Your Presenter Dianne Batistoni, CPA –EisnerAmper Insurance Group Audit Partner – Bridgewater, NJ –908-218-5002, ext. 2239.

WHAT ARE MY AUDITORS DOING?. Your Presenter Dianne Batistoni, CPA –EisnerAmper Insurance Group Audit Partner – Bridgewater, NJ – , ext
Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,

Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,
Internal Auditing and Outsourcing

Internal Auditing and Outsourcing
Internal auditing for credit unions Nuala Comerford, Chair IIA Irish Region Committee Pamela McDonald Council Member IIA Credit Union Summer School Thursday,

Internal auditing for credit unions Nuala Comerford, Chair IIA Irish Region Committee Pamela McDonald Council Member IIA Credit Union Summer School Thursday,
Regulatory Requirements & Compliance: Ensuring Effective Outcomes Presented By: John E. Palmer, CPA Managing Director/Principal.

Regulatory Requirements & Compliance: Ensuring Effective Outcomes Presented By: John E. Palmer, CPA Managing Director/Principal.
D-1 McGraw-Hill/Irwin ©2005 by the McGraw-Hill Companies, Inc. All rights reserved. Module D Internal, Governmental, and Fraud Audits “I predict that audit.

D-1 McGraw-Hill/Irwin ©2005 by the McGraw-Hill Companies, Inc. All rights reserved. Module D Internal, Governmental, and Fraud Audits “I predict that audit.
Implementing and Auditing Ethics Programs

Implementing and Auditing Ethics Programs
Establishing A Compliance Program: It Makes Sense

Establishing A Compliance Program: It Makes Sense
Chapter 5 Internal Control over Financial Reporting

Chapter 5 Internal Control over Financial Reporting

Similar presentations

Ads by Google