Evolution of Internal Audit and Evolution of Internal Audit and Risk Management in Risk Management in Central Banks Central Banks – – Interaction between the Interaction between the Interaction between the Interaction between the lines of lines of defence defence IMF/ IMF/Hawkamah Hawkamah Central Bank Governance Forum Central Bank Governance Forum Dubai December 2014 Dubai, December 2014 Dubai December 2014 Dubai, December 2014 Andre Bezuidenhout South African Reserve Bank Agenda The importance of good governance in central banks The importance of good governance in central banks post the global financial crisis post the global financial crisis The evolution, role and nature of Internal Audit in The evolution, role and nature of Internal Audit in Central Banks The evolution, role and nature of Risk Management in Central Banks The relationship and interaction between IA and ERM Combined Assurance to those charged with Governance of Central Banks Practical considerations – The SARB experience Conclusion: The importance of adding value 1
The importance of good governance in central banks post the global financial crisis post the global financial crisis Global developments influencing governance and risk management in central banks Volatile, uncertain, unpredictable environment • Global financial crisis and recession – challenges for central banks • Recent global geopolitical events/natural disasters g g p • Policy makers need to be able to focus on core tasks knowing ERM is effective Increased emphasis on governance and transparency • Governance failures • Critically important for central banks – expanding role, complexity and risk • Require appropriate structures, policies, framework and approach q pp p , p , pp More explicit financial stability mandate • Increased external focus on independence, accountability and governance 2
Developments in corporate governance King Report and Code on Corporate Governance (third version) contain recommended principles for corporate governance in SA corporate governance in SA Chapter 4 (of 9) devoted to the Governance of Risk The SARB strives to apply the principles of King III, to the extent deemed appropriate for a central bank King III, Chapter 4 - The Governance of Risk Board responsible for Board responsible for the governance of the governance of risk risk Board determines the levels of risk Board determines the levels of risk tolerance tolerance Risk/audit committee assists board with risk responsibilities Risk/audit committee assists board with risk responsibilities Board delegates to management the responsibility to Board delegates to management the responsibility to design, design, implement and implement and monitor a risk monitor a risk management management plan plan Board ensures risk Board ensures risk assessments assessments performed on performed on a continual a continual basis basis Board ensures frameworks/methodologies implemented Board ensures frameworks/methodologies implemented to to anticipate unpredictable anticipate unpredictable risks risks Board ensures management considers/implements Board ensures management considers/implements appropriate appropriate risk responses risk responses Board ensures continual risk monitoring by management Board ensures Board ensures Board ensures continual risk monitoring by management continual risk monitoring by management continual risk monitoring by management Board receives Board receives assurance regarding the effectiveness of the risk assurance regarding the effectiveness of the risk management process management process Board ensures processes in place Board ensures processes in place for complete for complete, timely, relevant, , timely, relevant, accurate and accessible risk disclosure to stakeholders accurate and accessible risk disclosure to stakeholders 3
Risk management in central banks Not simply based on institutional risk and return Not simply based on institutional risk and return considerations considerations Takes into account national interest, statutory and Takes into account national interest, statutory and constitutional responsibilities constitutional responsibilities constitutional responsibilities constitutional responsibilities Central banks function within an environment of Central banks function within an environment of continuous change and uncertainty continuous change and uncertainty Monitoring and analysis of, and appropriate responses Monitoring and analysis of, and appropriate responses to, potential/actual risks from global political & to, potential/actual risks from global political & economic environment are critically important economic environment are critically important Risk management in central banks (contd) Central banks are largely risk-averse institutions - disruption to operations or damage to reputation could seriously jeopardise satisfactory fulfilment of roles and responsibilities executive management of central banks are intensely aware of the ti t f t l b k i t l f th high performance standards that all stakeholders expect A strong integrated risk management function viewed as A strong integrated risk management function viewed as an integral part of good corporate governance: an integral part of good corporate governance: to help the Board carry out its governance oversight role; and to help management focus on the challenges attendant to primary goals oversight role, and helping management primary goals oversight role and helping management focus on the challenges attendant to its primary goals 4
The evolution, role and nature of Internal Audit in Central Banks The evolution of internal audit approaches Inspection of operations against standard operating procedures. Inspection of operations against standard operating procedures. Seen as “policing” function. Seen as “policing” function. Globalisation, governance failures, Treadway commission and Globalisation, governance failures, Treadway commission and COSO COSO Rise of Modern Internal Auditing – business partnering adding Rise of Modern Internal Auditing Rise of Modern Internal Auditing Rise of Modern Internal Auditing business partnering, adding business partnering adding business partnering, adding value value Focus on adherence to widely accepted standards, guidelines and Focus on adherence to widely accepted standards, guidelines and best practice best practice Quality Assurance, and benchmarking against other organisations Quality Assurance, and benchmarking against other organisations Professional certification and membership of IIA Professional certification and membership of IIA Auditor of the future – Auditor of the future – continuous auditing, etc. continuous auditing, etc. 5
The role of Internal Audit Independent and objective assurance and consulting function to evaluate and improve governance, risk management and control processes • Characterised b Characterised by use of systematic and disciplined approach se of s stematic and disciplined approach Assurance: Objective assessment of evidence to provide an independent opinion on the adequacy and effectiveness of operations, processes and systems • Nature & scope of assurance engagements determined by IA itself Consulting: Advisory services performed at the request of management q g • Must maintain objectivity and not assume operational responsibility IA, in collaboration with others, plays a key role in ensuring a sound control environment that supports effective and efficient achievement of organisational objectives The key characteristics of Internal Audit The key characteristics of IA are independence and objectivity: Independence means: Free from any conditions that limit IA’s ability to be unbiased, impartial and without any conflict of interest fli t f i t t Objectivity means: A state of mind that allows auditors to apply pure and principled judgement on audit matters without compromising on quality in subordination to any other views These require that IA is well positioned and adequately resourced resourced Threats to independence and objectivity must be managed at several levels: individual auditor, project, IA function and organisational. 6
Recommend
More recommend