13_0507 CCUL Powerpoint

advertisement
Internal Controls
Todd Olszowy
VP Finance/CFO
Water & Power Community CU
Internal Controls
• Definition: A well defined and documented set of
systematic measures adopted and implemented
by an organization designed to:
– Conduct business in an orderly, efficient & effective
manner
– Safeguard assets and other resources
– Deter and detect errors, fraud and theft
– Ensure accuracy, completeness and compliance of
financial and reporting data
– Ensure compliance and practice to established and
adopted policies and procedures
Internal Controls
• Conducting business in an orderly,
efficient and effective manner
– Establish Risk Tolerance
• Assess the degree to which you are willing accept
risk
• Document, report & manage to risk tolerance
• Be willing and able to accept and survive the
consequences of risk failure
Internal Controls
• Continued
– Cost/Benefit Analysis
• Are the internal controls implemented due to risk
assessment creating an operating environment
that restricts member service (orderly), inhibits
employee productivity or morale (efficient) or
prohibits growth (effective)
Internal Controls
• Safeguard assets and other resources
– Basic safeguards should be incorporated into
credit union policies and procedures
•
•
•
•
•
•
Rotation of duties
Proper segregation of duties
Compulsory vacations
Dual controls
Adequate documentation
Surprise audits/cash counts/access controls
Internal Controls
• Deter & detect errors, fraud and theft
• Credit unions with limited staff are often at higher
risk of errors, fraud and theft due to the fact that
many critical duties and responsibilities are
preformed by few people
Internal Controls
• Ensure accuracy, completeness and
compliance of financial and reporting data
– Annual examinations, audits and AUP
(agreed upon procedures) are not designed
nor intended to detect fraud and thus are not
intended to be utilized as substitutes for a
safe and sound system of well documented
and executed system of internal controls.
Internal Controls
• Ensure compliance and practice to
established and adopted policies and
procedures
– Document risk tolerance and state in your
policies the what, who, when, why & how
• Policies should explicitly state
–
–
–
–
–
What are you going to do
Who is going to do it
How often are you going to do it
Why are you doing it
How do you intend to do it
Internal Controls
• Continued
• Actual practice should ensure that
– You actually did what you said you were going to do
– It was done by the person or persons you said were
going to do it
– It was completed within the proper timeframe
– Document why you did it
– Was it done procedurally in the manner in which you
intended
Internal Controls
• NCUA Examination Focus
– NCUA Letter No. 13-CU-01
• NCUA goal is a strong, safe credit union system
• Credit unions continue to evolve and face various
economic and operational challenges
• NCUA 2013 Supervisory Focus is to improve credit
union capacity to manage risk
Internal Controls
• NCUA continued
• 2013 Examination Capacity Focus
– Operational Risk
• The risk of loss resulting from inadequate or failed internal
processes, people and systems that ensure the security and
stability of service delivery channels
• Two primary areas of operational risk focus
– Technology - Adopting new technology to meet evolving
member service needs and leveraging automation to increase
efficiency i.e remote deposit capture, online banking, mobile
banking and social media
– Internal Controls – examination of a sound system of controls
to ensure that credit unions are operated in a safe manner
consistent with board approved policies and procedures
Internal Controls
• NCUA continued
• Balance Sheet Management
– In 2013 NCUA examiners will focus on the ability of
credit unions to generate adequate earning without
adversely increasing specific risk factors
• Interest Rate Risk (IRR) – high levels of long-term assets
funded by short-term less stable funds (shares)
• Concentration Risk- focus on a limited diversification of
assets
• Less Established Products – credit union entrance into less
established more complex products where the credit union
may lack the experience and expertise to adequately mitigate
risk controls
Internal Controls
• Cooperation/Relationships/Resources
– CCUL
– Larger Credit Union
– CPA/Audit Firm
– NCUA Examiner
Internal Controls
• Summary
– The purpose of internal controls is not to entrap or
inhibit employees but rather to provide an
environment which discourages staff and
management from doing something they would not
ordinarily do.
– In smaller credit unions the supervisory committee
typically oversees the internal control function
– Ultimately credit union officials are responsible for
implementing a system of sound internal controls and
for ensuring that those controls are regularly adhered
to by staff as well as management
Internal Controls
• Questions?
Download