Showing posts with label internal control of banking. Show all posts
Showing posts with label internal control of banking. Show all posts
Friday, September 30, 2011
Outsourcing and internal control in Banking Part.II
In this context, the establishment of collective audit providers could help save time and productivity for each establishment.
This optimization of the audit activities outsourced more and more interested in the Inspection Branch of the big banks. And working groups were formed in a pooled between several banks in order to define the terms of planning, implementation and monitoring of audits of providers. The working group is considering the establishment of a governance structure, a plan of joint audit and risk mapping for the shared use of audits should be part of common control risks of each institution without failing to respect the privacy principles of each Bank.
However, to date, nothing has yet been clearly defined and different approaches are envisaged for the implementation of shared audits:
* Audits carried out by joint team delegations
* Audits shared between delegations (each delegating the responsibility of an audit)
* Audits by authorized third parties
what could be the conclusions of this working group?
The operational implementation of a system audit activities outsourced based on audits shared between the delegating or on a joint team delegations, would seem the most logical and easiest to implement. But that solution presents risks to lead to potential conflicts of interest on the conduct of audits, the findings and the implementation of action plans. Thus, differences between schools could undermine the legitimate operation of the audits. The conduct of audits by authorized third parties, outside each bank, would then appear as the preferred solution as long as you specify the responsibility of each institution's contractual terms.
But should we in this case provide auditing services of third parties mandated?
Indeed, in the case of annual monitoring of outsourced activities, external auditors could be considered as service providers intellectual Internal Control. The control activity is necessarily "essential" it therefore falls within the scope of activities to be audited!
Under these conditions, the task of the Working Group seems difficult to reach consensus on a pragmatic and operative in order not to deport the weight of outsourced activities on control functions.
Outsourcing and internal control in Banking Part.I
The use of outsourcing is a growing phenomenon that is a strategic choice for enterprises, generally guided by the objective of streamlining production costs and improve profitability. Did not escape this trend, banks are also appeal to external structures in order to give them in exchange for remuneration of non-strategic or unprofitable. For example, check processing is an activity often outsourced by the banks because it creates a significant load input and low added value.
But beware; the outsourcing of an activity does not prevent its control.
Indeed, 2007 orders involve clarifying the controls to be installed on the outsourced activities "essential." These changes are intended to ensure the principle of "no transfer of responsibility" of the Bank's external service provider. In this context, banks should review their internal control systems with a view to measuring, monitoring and control of risks related to outsourced activities. The controls must include details of:
* A guarantee of quality for normal service.
* The establishment of a plan for continuity of service by the service (commitment of recovery time).
* The protection of confidential information.
De facto, the outsourcing should result in a written contract between the provider and establishing external client. The contract shall contain a clause giving the right to regular audits and a statement of the steps taken by the continuous monitoring and periodic monitoring of outsourced activities. In view of these regulations, what are the good practices observed in the square as part of outsourced providers to common? Given the fairly concentrated market providers, banks often resort to common providers. For example include BRINKS Evolution for transporting money or Experiance to check processing draining a very large market share on their respective activities.
Subscribe to:
Posts (Atom)