1 / 23

Audit & Compliance or Audit vs. Compliance

Audit & Compliance or Audit vs. Compliance. Debbie Austin – CTCP, CFSA, VP Fiduciary Compliance Manager PNC Bank, Philadelphia, PA Gary Pelcak – CTA, CFSA, CFE Chief Audit Executive Central National Bank, Junction City, Ks. AGENDA Introduction Rules of Engagement

benjaminclement
Télécharger la présentation

Audit & Compliance or Audit vs. Compliance

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Audit & Compliance orAudit vs. Compliance DAA and GEP Orlando 2008

  2. Debbie Austin – CTCP, CFSA, VP Fiduciary Compliance Manager PNC Bank, Philadelphia, PA Gary Pelcak – CTA, CFSA, CFE Chief Audit Executive Central National Bank, Junction City, Ks DAA and GEP Orlando 2008

  3. AGENDA • Introduction • Rules of Engagement • Differences and Similarities • Role of Audit and Compliance in today’s Environment • The relationship of continuous Auditing, Monitoring, and Assurance DAA and GEP Orlando 2008

  4. AGENDA (cont) • Key Steps to Implementation • Benefits of an Audit / Compliance Partnership • Summary • Questions • Closing DAA and GEP Orlando 2008

  5. Differences and Similarities • Both considered part of the Risk Management Process • Audit Reports ultimately to the Board • Compliance reports to a joint risk committee • Compliance testing moved to IA DAA and GEP Orlando 2008

  6. Some Definitions To Help Us Internal auditing is an independent, objective, assurance and consultingactivity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectivesby bringing a systematic disciplined approach to evaluate andimprove the effectiveness of riskmanagement, control, and governance processes. DAA and GEP Orlando 2008

  7. Some Definitions to Help Us Compliance is a broad term routinely applied to a financial institution’s responsibility to adhere to state and federal laws and regulations, many of which are intended to protect consumers. DAA and GEP Orlando 2008

  8. Audit and compliance together should: Add Value = Value is provided by improving opportunities to achieve organizational objectives, identifying operational improvement, and/or reducing risk exposure through both assurance and consulting services. DAA and GEP Orlando 2008

  9. The audit function should provide Assurance Services = An objective examination of evidence for the purpose of providing an independent assessment on risk management, control, or governance processes for the organization. Examples include financial, performance, compliance, system security, and due diligence engagements. DAA and GEP Orlando 2008

  10. and should work with compliance on Consulting Services = Advisory and related client service activities, the nature and scope of which are agreed with the client and are intended to add value improve an organization’s governance, risk management, and control processes without the internal auditor assuming management responsibility. Examples: counsel, advice, facilitation, training. DAA and GEP Orlando 2008

  11. Role of Audit and Compliance in today’s Environment • Today’s audit and compliance challenges • Regulatory compliance & controls • 12CFR 9.9(b) Continuous Audit - Audit of Fiduciary Activities • Internal audit value and independence • Availability of skilled resources • Determining appropriate technology solutions • Need for timely, on-going assurance over risk management and control systems DAA and GEP Orlando 2008

  12. Role of Audit and Compliance in today’s environment (cont) • Provide more frequent, more timely, analyses to better manage control deficiencies and risk. DAA and GEP Orlando 2008

  13. The relationship of continuous Auditing, Monitoring, and Assessment • Continuous Auditing • Method used to perform audit related activities on a continuous basis. • Includes control and risk assessment • Performed by internal audit DAA and GEP Orlando 2008

  14. Compliance Monitoring • IA Schedule and Compliance Schedule • Specific Requests to IA • Dashboard • conduct monthly “Where are we at?” and “What are you seeing?” meetings • On the same committees • Invited to all Entrance & Exit Meetings • Copied on all reports & memos DAA and GEP Orlando 2008

  15. Continuous Monitoring • Processes to ensure policies / processes are operating effectively and to assess adequacy / effectiveness of controls • Performed by operational / financial management; audit independently evaluates adequacy of management activities DAA and GEP Orlando 2008

  16. Continuous Assurance • Combination of continuous auditing and audit oversight of continuous monitoring DAA and GEP Orlando 2008

  17. Relationship of Continuous Auditing/Monitoring/Assurance • Role of continuous auditing dependent on management’s role in continuous monitoring of controls • Inverse relationship: the greater the role of management, the less of a direct role of internal audit • True continuous assurance • Depends on effective monitoring by management of internal controls and Audit’s independent assessment of that function DAA and GEP Orlando 2008

  18. Application Areas • Continuous control assessment • Identification of control deficiencies • Identification of fraud, waste, abuse • Continuous risk assessment • Examination of consistency of processes • Development of enterprise audit / compliance plan • Support to individual audits and compliance requests • Support / Follow-up on compliance recommendations DAA and GEP Orlando 2008

  19. Key Steps to Implementation • Establish the requirements for audit and compliance objectives • Gain executive – level support • Ascertain degree to which management is performing monitoring role • Select appropriate technology solutions • Identify information sources and gain access DAA and GEP Orlando 2008

  20. Key Steps to Implementation (cont) • Understand business processes and identify key controls and risks • Build audit and compliance skill set • Manage and report results DAA and GEP Orlando 2008

  21. Benefits of an Audit /Compliance Partnership • Increased scope of audit activities • Increased ability to mitigate risk • Reduced cost of internal control assessment • Increased confidence in financial results • Improvements to financial operations DAA and GEP Orlando 2008

  22. Benefits (cont) • Reduced financial errors and potential for fraud • Reduced revenue leakage for improved bottom – line results • Sustainable and cost effective means to support compliance DAA and GEP Orlando 2008

  23. Summary • Differences and Similarities • Role of Audit and Compliance in today’s Environment • The relationship of continuous Auditing, Monitoring, and Assurance • Key Steps to Implementation • Benefits of an Audit / Compliance Partnership DAA and GEP Orlando 2008

More Related