Governance: Life after Enron

Randy Manscill, CIA, CFE, CFSA
Vice President, Chief Audit Executive
America First Credit Union

Lessons from Enron
• Greed and lack of integrity were the root cause for failure
• All five components of the Corporate Governance model failed
• Sarbanes-Oxley does not apply to Credit Unions

Lessons from Enron
• Credit Unions are Different
• Non-profit / Cooperatives
• No public stock prices or quarterly earnings
• No huge bonus incentives
• Single industry vision
• No complex accounting entries
• Everyone can learn from the experiences of others - Best Practices

Governance Process
• The procedures used by the governing body (Credit Union Board of Directors) to provide oversight of risk and control processes administered by management.
• Synonyms for Governance
  • Accountability
  • Integrity
  • Consciousness
  • Monitoring
  • Going Concern
  • Trust

Business Risk
• The possibility that an event, activity, or action will impact the ability of an organization to execute its tactical and strategic business plans and achieve its business objectives

Control Process
• A process or device designed to provide reasonable assurance regarding the achievement of:
  • Business Plans and Objectives
  • Effectiveness and efficiency in operations
  • Reliability of financial reporting
  • Compliance with applicable laws and regulations

Governance Model
• Board of Directors
• Supervisory Committee
• Internal Auditors
• Senior Management
• External Auditors

Governance Model
• Roles clearly defined & communicated
• Everyone is accountable
• Resources available to all
• Model is only as strong as the weakest link
• Integrity is common to all

Governance Model
• Checks and balances
• Governance is essential for survival
• Guidelines for each component
  • Attributes (What you are)
  • Performance (What you do)

Governance Guidelines: Board of Directors
• Attributes (what you are)
  • Independent Directors - no conflict of interest
  • Most qualified Directors available
  • Improve education and training of Directors
  • Orientation for new board members
  • Written Board policies, responsibilities of Directors and Committees

Governance Guidelines: Board of Directors
• Attributes (what you are)
  • Committees to Focus on Risk areas
    • Supervisory or Audit Committee
    • Nominations Committee
    • Executive Committee
    • Asset / Liability Committee (ALCO)
    • Information Technology Committee
    • Governmental Affairs Committee
    • Pension Committee

Governance Guidelines: Board of Directors
• Attributes (what you are)
  • Nomination Committee
    • Set and maintain qualification standards
    • Identify qualified Volunteers
    • Diverse and skilled directors
    • Elections
    • Volunteer appointments

Governance Guidelines: Board of Directors
• Performance (what you do)
  • Approve Business / Strategic Plan
  • Approve Policies, Budgets, Waivers
  • Succession Plans (Board and Management)
  • Transformational Transactions
  • Risk and Control Assessment Processes
  • Measuring and Monitoring Performance

Governance Guidelines: Board of Directors
• Performance (what you do)
  • Tone at the Top (code of conduct)
  • Hire, compensate, reward the CEO
  • Telling the World; How the CU is doing
  • Annual Self Assessment of the Board
  • Governance Audit

Governance Guidelines: Board of Directors
• Performance (what you do)
  • Nose In, Fingers Out

Governance Guidelines: Supervisory Committee
• Attributes (what you are)
  • Independent Committee Members - No conflict of interest
  • Assist the Board with Oversight Responsibilities
  • Board Involvement Essential
  • Big Picture and Full Scope
  • Designate a Financial Expert

Governance Guidelines: Supervisory Committee
• Attributes (what you are)
  • Designate other specialties / skills
  • Provide training and resources
  • Committee Charter or Policy
  • Liaison with Board, management, auditors
  • Training ground for Board members
  • Succession Plan for Committee

Governance Guidelines: Supervisory Committee
• Performance (what you do)
  • Assessment of Risk, Control & Compliance
  • Appoint and oversee the CPA firm
  • Annual Financial Statement Opinion audit
  • Verify member account balances
  • Review all letters and disclosures with CPA
  • Sign the engagement letter
  • Scope, timing, coordination, workpapers, fees
  • Evaluate performance of CPA firm
  • Pre-approve all non-audit work

Governance Guidelines: Supervisory Committee
• Performance (what you do)
  • Ensure proper reporting to Regulator
  • NCUA Form 5300 Financial and Statistical Report
  • Response to Examiners report
  • Copy of Audited Financial Statements
  • Report to the Board regularly and members annually
  • Review Interim Financial Statements

Governance Guidelines: Supervisory Committee
• Performance (what you do)
  • Review new accounting and reporting issues
  • Meet regularly with Internal Audit (IA)
  • Review IA Activities, Audit Plan, Charter, Budget, Staffing and Organization
  • Attend Board meetings and other meetings
  • Review Board minutes
  • Maintain agendas and minutes of meetings
  • Annual self assessment of the Committee

Governance Guidelines: Senior Management
• Attributes (what you are)
  • Vision and leadership for staff
  • Common body of skills, education and knowledge to operate the Credit Union
  • High integrity and ethics
  • Continual training
  • Mission statement
  • Adequately compensated and rewarded
  • Succession Plan for Management

Governance Guidelines: Senior Management
• Performance (what you do)
  • Plan, organize, staff, direct, monitor
  • Assess and manage risk
  • Design and implement controls
  • Develop code of business conduct and ethics
  • Develop and monitor soft “controls”
  • Tone at the Top

Governance Guidelines: Senior Management
• Performance (what you do)
  • Develop strategic / business plans
  • Develop budgets, financial & statistical reports
  • Develop and test business continuity plan
  • Certify to CPA accuracy and completeness of:
    • Financial statements
    • Risk and Control processes
    • No knowledge of fraud
    • Compliance with laws and regulations

Governance Guidelines: Internal Audit
• New Definition of Internal Audit (IIA)
  • Internal Auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

Governance Guidelines: Internal Audit
• Attributes (what you are)
  • Independence and Objectivity
  • Internal Audit Charter or Policy
  • Full scope reviews, any and all aspects
  • Full access, no restrictions to access
  • Qualified Director or Chief Audit Executive (CAE)

Governance Guidelines: Internal Audit
• Attributes (what you are)
  • Develop qualified and sufficient staff
  • Common body of knowledge
  • Certifications (CISA, CIA, CPA, CFE)
  • Education and experience
  • Co-source where necessary
  • Continuing education / new skills

Governance Guidelines: Internal Audit
• Performance (what you do)
  • Assurance Services (traditional)
  • Consulting Services (projects, services)
  • Fraud Investigation Services
  • Specialized Training (staff, volunteers)
  • Develop and conduct a Governance audit
  • Review and recommend improvements to risk and control processes

Governance Guidelines: Internal Audit
• Performance (what you do)
  • Develop and implement Annual Audit Plan
  • Allocate resources by risk methodology
  • Engagement (project) planning
  • Performing the engagement (project)
  • Communicate results of audit to appropriate levels:
    • First line manager
    • Senior and Executive Management
    • Supervisory Committee

Governance Guidelines: Internal Audit
• Performance (what you do)
  • Summary reports to Supervisory Committee and Board
  • Risk, controls and governance activities
  • Audit plan, budget, staffing, activities
  • Adhere to Institute of Internal Auditors (IIA) standards
  • Periodic Quality Assurance Review

Governance Guidelines: External Auditor
• Attributes (what you are)
  • Independent and Objective
  • Free from conflicts of interest
  • Report any impairment to independence
  • Mandatory Rotations
  • Periodic bid process
  • Qualifications and background to Audit CU
  • Specialized skills (I.T., Compliance, …)

Governance Guidelines: External Auditor
• Performance (what you do)
  • Annual audit of financial statements
  • Consolidated statements
  • Generally Accepted Accounting Principles (GAAP)
  • Reasonable assurance
  • Limited scope
  • Not a fraud audit
  • Disclosures of GAAP
  • Transparency

Governance Guidelines: External Auditor
• Performance (what you do)
  • Other CPA Audits
    • Student Loans
    • Uniform Single Attestation Program (USAP)
    • Freddie Mac
    • Pension, 401K plans
    • ACH annual audit (I.A. may perform)
    • ATM and PIN audits (I.A. may perform)

Governance Guidelines: External Auditor
• Performance (what you do)
  • Report any disagreements with management
  • Report accounting adjustments (actual / proposed)
  • Management representation letters - disclaimers
  • Report any fraud discovered
  • Management Letter
    • No material weakness in controls
    • Observations, Improvements

Governance Model
• Board: Big Picture, Approve/Oversight
• Supervisory Committee: Big Picture, Review/Oversight
• Internal Auditors: Details, Review/Recommend
• Senior Management: Details, Implement / Monitor
• External Auditors: Details, Review/Recommend

Governance Guidelines: Resources
• Sources
  • IIA Website http://www.theiia.org/
  • Governance http://www.theiia.org/iia/index.cfm?doc_id=4061
  • Tone at the Top http://www.theiia.org/iia/index.cfm?doc_id=739
  • Publications from the IIA
    • Corporate Governance and the Board - What Works Best, ISBN 0-89413-438-8
    • Audit Committee Effectiveness - What Works Best, ISBN 0-89413-446-9
  • ACUIA Website http://www.acuia.org

With Governance, Life Goes On After Enron