Presentation

Internal Audit
of the
Estonian Financial Supervisory
Authority (EFSA)
Raivo Linnas
Internal Auditor
Tallinn, Estonia – June 29, 2004
Curriculum Vitae - I
From 01/2002 – Internal Auditor of the
EFSA.
10/1998 – 01/2002 – Head of
Performance Audit Department, Deputy
Auditor General, The State Audit Office.
Curriculum Vitae - II
08/1994 – 07/1998 – Chairman, Director
General, and Member of Management
Board in 2 Insurance Companies;
09/1993 – 05/1994 – Vice Chairman,
Member of Board of the Eesti
Sotsiaalpank.
Curriculum Vitae - III
From 04/2004 – Affiliate Member of the
IIA of UK and Ireland.
From 1985 - Dipl. Eng.
Former Lecturer of the Estonian
Business School.
About the EFSA - I
• Established on 01.01.2002;
• An agency created by the Riigikogu;
• With autonomous competence and a separate budget and management;
• Independent in the conduct of financial supervision;
• United Financial Supervision Authority;
• The Financial Supervision Authority Act.
About the EFSA - II
About 65 Employees;
The Council (6 members, including
Ministry of Finance, GBoE)
The Management Board (5 members);
8 Departments, IA, IS, PR.
About 70 Entities to be Supervised, incl
Issuers.
Budget of 2004 – circa 2.7 million EUR.
Place of Internal Audit
Unit in the EFSA
• Directly accountable to the Management Board.
• No statutory links with Supervisory Council.
• No Audit Committee.
Legal Framework
FSA § 18.3.9;
IA Reglement (Charter);
Job Description of IA;
Code of Ethics of IA;
Contract of Employment of IA.
Fixed-term Contract for 2+2 years.
Mission
To help the Management Board
achieve goals and objectives in the best way
with the most reasonable consumption of
resources.
Goals and Objectives
To add value and develop the EFSA’s:
Management and Organizational
Culture; and
Control Environment.
To evaluate and improve the
effectiveness of risk management,
control and governance processes.
Tasks and
Responsibilities of IA
• Internal Audit Function;
• Handling of Conflict of Interests Issues;
• Risk Management Function (secondary);
• Promote Quality Management;
• Promote Appropriate Ethics and Values within the EFSA.
Rights of IA - I
To be Independent in Planning, Scoping
and Performing Audits and
Investigations;
Immediate Direct Access to CMB and
MB in Corpore;
Access to all Files, Accounts,
Processes, Property and Data.
Rights of IA - II
Interview all Staff, incl Members of
Management Board (MMB);
Interview all Contractors and
Representatives of Entities Under
Supervision;
Take Part in meetings of MB and other
relevant meetings;
Rights of IA - III
Reject all tasks in case of risk of
incompetence, conflict of interests or
unobjectivity;
Contract Independent External
Expert(s);
Involve Personnel of EFSA in Audits
and Investigations;
Continuing development of knowledge,
skills, and other competencies.
Scope
All Fields of Activity of the EFSA;
All functions and projects;
All systems and processes;
Entire Staff, incl MMB;
All Structural Units.
Approach
Risk Based.
Implementing The IIA Internal Audit
Standards as well as possible.
No full compliance with the IIA IAS as of
today.
Planning
1. Strategic Plan (3-5 years);
2. Quarterly Plan (Time-Resource Based);
3. Plan of Particular Audit.
SP and QP to be Confirmed by MB.
PPA to be Consulted with Chairman.
Reporting
The Case Report of Audit Results to the
CMB and/or MB.
Quarterly Report to the MB.
Annual Report of Activity to the MB.
Annual Report of Self-Assessment to
the CMB.
Content of QR - I
I Report of Most Important Activities
(Execution vs Plans).
II Observations of Most Important Risks.
III Report of All Activities by Areas of
Responsibility. (Execution vs Plans).
II Observations of Most
Important Risks - I
Risks of Communication and
Disclosure;
Financial Risks;
Risks of Planning and Budgeting;
Risks of Non-achievement of Goals and
Objectives;
Risks of Image;
II Observations of Most
Important Risks - II
• Risks of Supervision;
• Risks of Handling Confidential Information;
• Observations on Risk Management;
• Observations on Control Environment;
• Observations on Corporate Governance;
• Observations on Conflict of Interests Issues;
• Observations on Fraud and Misuse;
• Varie.
Assessment
Self-Assessment of Each Particular
Audit.
Annual Self-Assessment.
Annual Internal Assessment.
Annual Appraisal.
External Assessment (At once in 3
years).
Audit Process
5 Stages and 12 Steps
Planning (4 Steps);
Conducting (1 Step);
Drafting Results (3 Steps);
Disclosure (1 Step);
Assessment (2 Steps);
Follow-up (1 Step).
Risks of Particular
Model
Risk of Discontinuity;
Risk of Incompetence;
Risk of Independence;
Risk of Divisibility;
Risk of Shortage of Ideas.
No Time for Deeper and Longer
Engagements.
Strengths
Clear Responsibility.
Efficiency of Resource Consumption.
No Opposition with MB.
Audit failing
Standardized and Formalized;
Traditional;
Digital.
Thank you very much for your
attention!