1 / 18

Internal Control and Internal Audit

16 July 2012. Page 2. Index. Internal ControlConcept and elementsControl environmentControl activitiesCommunicationMonitoringDocumentationCompliance functionInternal AuditDuties and responsibilitiesProportionality . 16 July 2012. Page 3. BUT BOTH ARE IMPORTANT ELEMENTS OF GOVERNANCE . . IN

Télécharger la présentation

Internal Control and Internal Audit

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.


Presentation Transcript

    1. 17 July 2012 Page 1 Internal Control and Internal Audit Teija Korpiaho Malta, 8/4/2010

    2. 17 July 2012 Page 2 Index Internal Control Concept and elements Control environment Control activities Communication Monitoring Documentation Compliance function Internal Audit Duties and responsibilities Proportionality

    3. 17 July 2012 Page 3 INTERNAL CONTROL ? INTERNAL AUDIT

    4. 17 July 2012 Page 4 Article 41 - General governance requirements

    5. 24.4.2009 Page 5

    6. Article 46 - Internal control undertaking shall have in place an effective internal control system. The system shall at least include administrative and accounting procedures, an internal control framework, appropriate reporting arrangements at all levels of the undertaking a compliance function. 24.4.2009 Page 6

    7. Internal Control the concept A set of continually operating processes involving the administrative, management or supervisory body and all levels of personnel. Designed to secure at least the following: a) Effectiveness and efficiency of the undertakings operations in view of its risks and objectives; b) Availability and reliability of financial and non-financial information; and c) Compliance with applicable laws, regulations and administrative provisions. The more principles (and risk) based regulation the more is required from the internal control and risk management of the undertakings 24.4.2009 Page 7

    8. Elements of Internal Control Control environment Integrity and Ethical values Competence Control activities To ensure that management directives are carried out: approvals, verifications, authorizations etc. Communication Reporting and communication lines All levels of the organization Monitoring Management and supervisory activities, activities by the personnel Recommendations by Internal and external auditors Compliance 24.4.2009 Page 8

    9. Documentation A key element of Internal Control Well documented = written Approved by administrative or management body Updated at least annually Strategies on Business, risk management (incl. liquidity, concentration risk, credit risk, operational risk), underwriting and reserving, investment and ALM, reinsurance, internal audit Policies on risk management, underwriting, remuneration, investment and ALM, internal control, outsourcing, disclosure, information Plans on contingency and compliance 24.4.2009 Page 9

    10. Article 46 - Internal control .. The compliance function shall include advising the administrative or management body on compliance with the laws, regulations and administrative provisions adopted pursuant to this Directive. It shall also include an assessment of the possible impact of any significant changes in the legal environment on the operations of the undertaking concerned and the identification and assessment of compliance risk. 24.4.2009 Page 10

    11. Compliance Function Compliance risk = the risk of legal or regulatory sanctions, material financial loss or loss to reputation an undertaking may suffer as a result of not complying with laws, regulations and administrative provisions as applicable to its activities. Compliance function - to ensure the undertaking comply with applicable laws and regulatory requirements. Compliance plan Reporting: to report any major compliance problems it identifies to the administrative or management body. 24.4.2009 Page 11

    12. 17 July 2012 Page 12 The internal control system should take into consideration The risks of the undertaking The way undertaking is organized The information system in use The decision making system Etc. etc. One size does not fit all

    13. Article 47 - Internal audit Insurance and reinsurance undertakings shall provide for an effective internal audit function. The internal audit function shall include an evaluation of the adequacy and effectiveness of the internal control system and other elements of the system of governance. 24.4.2009 Page 13

    14. Article 47 - Internal audit The internal audit function shall be objective and independent from the operational functions. Any findings and recommendations of the internal audit shall be reported to the administrative, management or supervisory body which shall determine what actions shall be taken with respect to each of the internal audit findings and recommendations and shall ensure that these actions are carried out. 17 July 2012 Page 14

    15. Internal Audit 1(2) Systematic approach to evaluate and improve Independent From audited activities Own initiative Free access to all information Under direct control of administrative, management or supervisory body Direct communication with staff Free to express opinion Effective Resource, remuneration Objective 24.4.2009 Page 15

    16. Internal Audit 2(2) Audit charter The purpose, authority and responsibility Audit plan Audit work for next year(s) Based on risk analysis Annually reporting to the administrative, management or supervisory body Follow up of the recommendations 24.4.2009 Page 16

    17. Proportionality All undertakings shall have internal audit function The requirements of the directive should be proportionate to the nature, scale and complexity of the risks inherent in the business of an insurance or reinsurance undertaking. Not the size of the undertaking! The function must be in place but outsourcing is possible 17 July 2012 Page 17

    18. 17 July 2012 Page 18 Thank you teija.korpiaho@bof.fi

More Related