vector internal control mike trigg. vector what is internal control? a key part of effective...
DESCRIPTION
vector COMPONENTS Controls Information and communication processes Monitoring processesTRANSCRIPT
vector
INTERNAL CONTROL
Mike Trigg
vector
WHAT IS INTERNAL CONTROL?
A key part of effective corporate governance Policies and processes to:
- make operations efficient and responsive to risk- ensure quality of internal/external reporting- ensure compliance with internal rules, regulations and laws
vector
COMPONENTS Controls Information and communication
processes Monitoring processes
vector
KEY FEATURES Embedded in bank’s operations and part
of the culture Able to respond quickly to changing
risks inside and outside the bank Procedures for urgent escalation of
control weaknesses
vector
DEVELOPING THE INTERNAL CONTROL
REGIME1 Define objectives2 Define risks and risk appetite3 Assess significant risks4 Design controls5 Allocate ownership and accountability6 Monitor
vector
(1) OBJECTIVES Clear objectives Communicated to, and understood by,
all employees Critical success factors and performance
indicators
vector
(2) DEFINE RISKS AND RISK APPETITE
Internal External Operational Credit Liquidity Market Reputational
vector
(3) RISK ASSESSMENT
PROBABILITY
IMPACT
vector
(4) DESIGN CONTROLS
Focused on significant risks Responsive Early alert Define accountability Define freedom of action Effective flow of information
vector
(5) MONITOR
The Board Risk functions The Business Audit Committee Internal Audit External Audit
vector
Risk Appetite Policies Controls
Local Business Operations
Business Senior Management
Risk Functions
Board Reporting RiskReporting Performance
vector
BOARD/DIRECTORS
Ultimate responsibility to maintain internal control system
Must set policies Must review effectiveness of regime Must disclose status of regime to
stakeholders (regulators?)
vector
RISK FUNCTIONS
Design and recommend policy Formulate risk assessment tools Independent view Approvals within policy
vector
THE BUSINESS All employees are accountable Implement policy Identify, evaluate, escalate risks Create internal controls that reflect:
- Board policy - Risk appetite - Risk assessment - Bank’s objectives
vector
AUDIT COMMITTEE
Receive reports Independent assessment Recommendations to full Board
vector
INTERNAL AUDIT/EXTERNAL AUDIT External Audit is finance focused Provides assurance on implementation of
policies and controls Recommends corrective action Determines audit programme through risk
assessment Independent line to Chairman/CEO
vector
CONCLUSIONS
1 Define bank’s objectives2 Define risks to those objectives3 Design policies and controls to manage
risks4 Define ownership and accountability5 Encourage honesty and transparency6 Monitor aggressively