Integrated Compliance, Risk Management & Internal Audit

Written By:Thomas Karlsson

Financials institutions of all sizes are now more concerned than ever about risk and compliance management. New banking products, increased government scrutiny and intense focus on operating efficiencies bring forth greater risks and a larger set of rules and regulations. With increasing risks and rules and regulations financial institutions have to spend a substantial part of their time and money in mitigating risks and complying with regulatory and operational compliance requirements.

Financial institutions have typically addressed compliance with a 'silo' approach. As a result, they find themselves managing risk and compliance in an uncoordinated manner resulting in duplication of efforts and causing the cost of compliance to spiral out of control.

Clearly a new approach is called for that brings compliance, risk management and internal audit into a framework that enables management to measure, prioritize and manage them efficiently and effectively. The organization should employ a streamlined framework that integrates compliance and internal audit activities across lines of business and shared service functions which would eliminate redundancies and overlap efforts.
The three major keys in such an approach are:

• Diagnosis: An evaluation of current business operations and the compliance implications is the first step. This step identifies compliance resources, internal audit resources, technologies and actively develops an initial baseline cost of compliance and internal audit. Existing risks, compliance resources, internal audit resources, control and technologies are split up and divided into groups to be catalogued.
• Analysis: This step involves analyzing the effectiveness of the existing compliance and internal audit programs against existing risks and indentifying any compliance gaps and potential needs for additional controls and elimination of duplicative services. This rationalization can save any organization up to 10-15% over a 6-12 month period according to research performed by a leading accounting firm
• Implementation: The last step involves implementing the new compliance and internal audit operating model that has been developed.

These three steps should generate greater compliance and internal audit effectiveness at a lower cost.

The new compliance and internal audit operating model should differ from the current model with the following differences:

• The organization should now have an integrated compliance and internal audit function which facilitates a more consistent approach across the organization ensuring standards are consistently being met and any duplication and unnecessary activities are reduced, if not eliminated and therefore, costs are reduced.
• Compliance management controls can now be assessed against a common enterprise-wide standard that replaced the individual standards in the old model.
• With the more integrated and compliance efforts, the technology infrastructure can be more closely aligned with compliance and internal audit needs. The institution might be able to automate manual activities and eliminate duplicative applications, potentially further driving down its cost structure.
• The new integrated operating model should help in integrating reporting relationships across risk areas, compliance management functions, and internal audit functions improving communications about any risk and compliance issues. A more integrated structure creates open dialogues and increases awareness of operational risk and compliance issues which fosters a stronger risk and compliance management culture.
• The benefits generated from implementing a new more efficient risk and compliance model may yield a 10-20% reduction in cost within the first year after implementation. Beyond the monetary benefits, there are additional benefits.

An integrated approach to risk and compliance management better positions financial institutions to address future risks and anticipate the impact of changing conditions. The cost savings and improved risk management may provide a competitive advantage. As markets become more risky, it may provide the most important basis for competitive success.

Contact Nichols, Cauley & Associates by Email, phone, or online form with your questions.

Site visitors should keep in mind that the content is generally designed to be of general applicability. Particular state laws, regulations and special contractual provisions can greatly impact rights, responsibilities and legal obligations. Only a competent attorney, accountant or other professional looking at all the pertinent facts and circumstances of a particular situation can provide definitive guidance for you. Please refer to our important legal discalimer which can be accessed from the bottom of any BankAudit.net webpage.