News

SUBSCRIBE to our weekly e-mail (with live links) for just €5 per month
+++++++++++++++

ELEC Paper: Why EU Capital Markets Union has become a “must have” and how to get there -Feb 2024

My collected papers - 1989/1993: Market Discipline in EMU

Public Information

Expand

Graham Bishop Consultancy

Friends of GrahamBishop.com

Brussels 4 Breakfast

CPD / Education and Learning

Graham Bishop - Biography

Graham's Blogs

Graham's Media Activities

Graham's Speeches

Graham's Writing

Press Resources

My `pro bono' work

Technical Difficulties

Privacy Policy

Terms and Conditions

Tweets by @GrahamBishopcom

Follow @GrahamBishopcom

Article List:

IIA/Chambers: The tr...
FRC publishes new Au...
IIA/Chambers: Indepe...
CIIA: Financial serv...
FEE's paper on the a...
UK Competition Commi...
ECIIA: Banks need in...
>>IIA: Auditing for co...
IIA/Chambers: Should...
FEE: Factsheet on cr...
IIA: The compliance ...
FRC: UK and US regul...
Fitch Ratings: Audit...
FRC: Response to Com...
FEE: Audit policy un...

Home>Aladdin's Cave - Archives>Auditing

Print Page Save to My Library <Next Article Previous Article>

25 September 2013

IIA: Auditing for compliance

Default: Change to:

The Compliance function plays a second line of defence role within corporate governance, but it also has a place in the first line of defence for its own activities with ownership, responsibility and accountability for directly assessing, controlling and mitigating risks.

As part of the overall risk assessment of an organisation internal audit should include compliance risk within their audit plan.

To assist with an audit of compliance here are some top tips.

Confirm that responsibility for oversight and stewardship of the corporate compliance programme has been allocated to a chief compliance officer/senior officer level that reports into the executive team.

Ensure that there is an adequate internal staffing team and/or access to external resources with sufficient knowledge and experience of regulatory compliance.

Confirm that there is support from executive management with clear and direct access to the board.

Ensure that there is a corporate compliance committee in place.

Obtain the most up-to-date compliance standards, policies and procedures to confirm existence, level of detail/clarity, review dates and ensure that they have been authorised by senior executives.

Establish accessibility and communication of compliance standards, policies, and procedures to all employees and other company representatives such as consultants and sub-contractors.

Ensure that training programmes are in place to ensure that employees and other company representatives are aware of their compliance responsibilities.

Talk to employees and other company representatives to ensure that they are clear about their individual responsibilities.

Understand the systems and processes in place for issuing updates and revisions of guidance to ensure it is well communicated.

Identify and review monitoring and auditing systems are in place to detect intentional or unintentional regulatory non-compliance by employees and other company representatives.

Confirm and review the maintenance and publication of a whistleblower phone line and e-mail account to enable confidential reporting of potential regulatory breaches without fear of reprisal.

Confirm that enforcement of compliance standards, policies, and procedures is through appropriate, consistent disciplinary procedures.

Ensure that where breaches have been identified all reasonable steps are taken to prevent future similar occurrences, including review of controls and making any appropriate changes to the compliance programme.

Press release

© IIA - The Institute of Internal Auditors

< Next Previous >

Key
Hover over the blue highlighted text to view the acronym meaning
Hover over these icons for more information

Comments:

No Comments for this Article

Add new comment

Show name and company details

Follow Us

News

Public Information

Article List:

25 September 2013

IIA: Auditing for compliance

© IIA - The Institute of Internal Auditors

Key

Comments: