Upload
elizabeth-sharp
View
214
Download
2
Embed Size (px)
Citation preview
Internal Controls
Todd Olszowy
VP Finance/CFO
Water & Power Community CU
Internal Controls
• Definition: A well defined and documented set of systematic measures adopted and implemented by an organization designed to:– Conduct business in an orderly, efficient & effective
manner– Safeguard assets and other resources– Deter and detect errors, fraud and theft– Ensure accuracy, completeness and compliance of
financial and reporting data– Ensure compliance and practice to established and
adopted policies and procedures
Internal Controls
• Conducting business in an orderly, efficient and effective manner
– Establish Risk Tolerance• Assess the degree to which you are willing accept
risk• Document, report & manage to risk tolerance• Be willing and able to accept and survive the
consequences of risk failure
Internal Controls
• Continued
– Cost/Benefit Analysis• Are the internal controls implemented due to risk
assessment creating an operating environment that restricts member service (orderly), inhibits employee productivity or morale (efficient) or prohibits growth (effective)
Internal Controls
• Safeguard assets and other resources– Basic safeguards should be incorporated into
credit union policies and procedures• Rotation of duties• Proper segregation of duties• Compulsory vacations • Dual controls• Adequate documentation• Surprise audits/cash counts/access controls
Internal Controls
• Deter & detect errors, fraud and theft• Credit unions with limited staff are often at higher
risk of errors, fraud and theft due to the fact that many critical duties and responsibilities are preformed by few people
Internal Controls
• Ensure accuracy, completeness and compliance of financial and reporting data– Annual examinations, audits and AUP (agreed
upon procedures) are not designed nor intended to detect fraud and thus are not intended to be utilized as substitutes for a safe and sound system of well documented and executed system of internal controls.
Internal Controls
• Ensure compliance and practice to established and adopted policies and procedures– Document risk tolerance and state in your
policies the what, who, when, why & how• Policies should explicitly state
– What are you going to do– Who is going to do it– How often are you going to do it– Why are you doing it– How do you intend to do it
Internal Controls
• Continued• Actual practice should ensure that
– You actually did what you said you were going to do– It was done by the person or persons you said were
going to do it– It was completed within the proper timeframe – Document why you did it– Was it done procedurally in the manner in which you
intended
Internal Controls
• NCUA Examination Focus
– NCUA Letter No. 13-CU-01• NCUA goal is a strong, safe credit union system• Credit unions continue to evolve and face various
economic and operational challenges• NCUA 2013 Supervisory Focus is to improve credit
union capacity to manage risk
Internal Controls
• NCUA continued
• 2013 Examination Capacity Focus– Operational Risk
• The risk of loss resulting from inadequate or failed internal processes, people and systems that ensure the security and stability of service delivery channels
• Two primary areas of operational risk focus– Technology - Adopting new technology to meet evolving
member service needs and leveraging automation to increase efficiency i.e remote deposit capture, online banking, mobile banking and social media
– Internal Controls – examination of a sound system of controls to ensure that credit unions are operated in a safe manner consistent with board approved policies and procedures
Internal Controls
• NCUA continued
• Balance Sheet Management– In 2013 NCUA examiners will focus on the ability of
credit unions to generate adequate earning without adversely increasing specific risk factors
• Interest Rate Risk (IRR) – high levels of long-term assets funded by short-term less stable funds (shares)
• Concentration Risk- focus on a limited diversification of assets
• Less Established Products – credit union entrance into less established more complex products where the credit union may lack the experience and expertise to adequately mitigate risk controls
Internal Controls
• Cooperation/Relationships/Resources– CCUL– Larger Credit Union– CPA/Audit Firm– NCUA Examiner
Internal Controls
• Summary– The purpose of internal controls is not to entrap or
inhibit employees but rather to provide an environment which discourages staff and management from doing something they would not ordinarily do.
– In smaller credit unions the supervisory committee typically oversees the internal control function
– Ultimately credit union officials are responsible for implementing a system of sound internal controls and for ensuring that those controls are regularly adhered to by staff as well as management
Internal Controls
• Questions?