Internal Controls for Financial Institutions

Internal Controls in the Context of Today’s Corporate Governance

• What is Corporate Governance?
• Why is it different for financial institutions?
• Internal controls as a mechanism for controlling risks
• Board and senior management responsibilities for internal controls and the establishment of a control culture
• US Sarbanes Oxley Act 2002 and its requirements for monitoring and annual reporting on internal controls effectiveness

Main Components and principles of Internal Controls

• The definition and purpose of internal controls
• The five components of the original COSO internal controls framework
• Integration of the original COSO control framework into COSO Enterprise Risk Management framework (ERM)
• Linking COBIT to COSO – Information technology framework and internal controls

Financial Sector Regulators and Internal Controls

• The three categories of objectives for internal controls
• COSO internal controls framework – the expanded 2013 revision
• The new seventeen principles – practical application to provide comprehensive controls
• The strong link between Basel II operational risk management and COSO
• Inherent limitations of internal controls

The Control Environment

• The vital first step – establishing the management tone at the top and an institution-wide code of conduct reflecting integrity and ethical values
• Board and management’s delegation of authority
• Commitment to competence – attracting developing and retaining the right human resources
• Performance measures incentives and rewards

Types of Internal Controls

• Risk appetite and strategy established by the Board and risk response strategies
• Control activities internal controls responsibilities and uses through the eyes of different stakeholders
• Inherent and residual risks
• Reporting and assurance