CAIB PRE-CONFERENCE TRAINING
Audit Committees: Making Corporate Governance work in the Caribbean
June 21, 2007
Risk Advisory Services


© 2006 KPMG Barbados, a Barbados partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International, a Swiss cooperative. All rights reserved. Printed in Barbados.

Program Agenda
- Introduction
- Background
  - Perspective
  - Objectives of Sarbanes-Oxley Act
  - Management’s Responsibilities
  - Key SOX provisions relating to Audit Committees
  - Impact of SOX on the Caribbean

Program Agenda
- What is SOX?
  - COSO Internal Control Framework – A Summary of Components
- A brief discussion on SOX testing procedures
  - Sample sizes and control frequency
  - Evaluating test results and control deficiencies
  - Deficiency Assessment

Welcome and Introductions

Program Objectives
- Discuss briefly the background and framework of Sarbanes-Oxley Act’s 404 (SOX) requirements.
- Impact of SOX on Caribbean Financial Institutions.
- SOX testing procedures.
- A SOX approach to Internal Controls as a Fraud Management tool.

Background

Perspective
- Enron – shock!
- WorldCom – action!
- Ahold, Parmalat, Hollinger, Nortel, Shell
- Restore investor confidence
- Increased transparency

These may have been the catalyst, but investors are demanding a higher standard of care. Markets have reacted to restore investor confidence.

Objectives of the Sarbanes-Oxley Act
- Increase the accountability of management of public companies;
- Improve Corporate Governance;
- Increase the oversight of public accounting firms;
- Restore investor confidence in the capital markets.

Management’s Responsibilities under SOX
- Accept responsibility for the effectiveness of the Company’s internal control over financial reporting.
- Evaluate the effectiveness of internal control over financial reporting using suitable control criteria.
- Support its evaluation with sufficient evidence, including documentation and appropriate evidence of existence and effectiveness of internal controls.

Management’s Responsibilities under SOX
- Present a written assessment about the effectiveness of internal control over financial reporting as of the end of the Company’s most recent fiscal year.

Key SOX Provisions Relating to Audit Committees
The Sarbanes-Oxley Act has required Audit Committees to adhere to certain provisions as follows:
- Each member of the Audit Committee must be independent.
- At least one of the members must be a “Financial Expert”.
- Directly responsible for appointment, compensation and oversight of the public accounting firm.

Key SOX Provisions Relating to Audit Committees (Cont’d)
- All auditing and non-auditing services must be pre-approved by committee.
- Establish procedures for handling complaints (whistleblower protection).
- Discuss with auditor prior to issuing audited financial statement:
  - Critical accounting policies and alternative treatments
  - Management letter, waived adjustments and material written communications
- Have authority to engage independent counsel and other advisors.

Impact of SOX on the Caribbean
- Over the last 3 years global companies have had to come to grips with the implementation and reporting requirements of Sections 302 and 404 of the US Sarbanes-Oxley Act – SOX 302 and 404.
- The SOX Act spells out the various roles of management, the audit committee, and the external auditors.
- To this end, the SOX Act has had an effect on Corporate Governance regionally.
- While the Act does not govern the regional companies, many of the large global companies have implemented various teams to ensure that even regional subsidiaries are SOX 404 compliant.

Impact of SOX on the Caribbean (Cont’d)
Though Sarbanes-Oxley is U.S. legislation and is required only of companies quoted on U.S. stock exchanges, there are a few benefits to adopting a SOX-like strategy in regional organizations, as follows:
- Assists Directors in administering their Corporate Governance responsibilities;
- Developing Internal Controls that facilitate a robust internal fraud management strategy;
- Acts as another way of making local Financial Institutions more attractive to foreign investors;

Impact of SOX on the Caribbean (Cont’d)
- Creates an environment that makes it easier for regional Financial Institutions to adopt new legislation, e.g. Anti-Money Laundering;
- Facilitates the development of an Enterprise Risk Management Strategy.

What is SOX?

COSO* Internal Control Framework
A Summary of the Components
- Control Environment – The control environment sets the tone of an organization, influencing the control consciousness of its people.
- Control Activities – These policies and procedures help ensure management directives are carried out.
- Information and Communication – Pertinent information must be identified, captured, and communicated in a form and time frame that supports all other control components.
- Monitoring – Internal control systems need to be monitored – a process that assesses the quality of the systems’ performance over time.
- Risk Assessment – Every entity faces a variety of risks from external and internal sources that must be assessed both at the entity and the activity level.

The COSO framework is a model against which the components of internal control within an organization can be measured and evaluated. This report is representative of one of the ways management applies its assessment of risk at the entity level. This assessment is in line with the risk categories of COSO across the top of the cube (Operations, Financial Reporting, and Compliance). See page 11 for a definition of internal control.

*Committee of Sponsoring Organizations of the Treadway Commission

COSO* Internal Control Framework
A Summary of the Components
Internal control is broadly defined as a process, effected by an entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories:
- Financial Reporting
  - The absence of a key financial control causes a material error in the financial statements, including the footnotes
- Compliance with Laws and Regulations
  - Company is in violation of applicable regulatory requirements
- Efficiency and Effectiveness of Operations
  - Company does not meet strategic objectives
  - The process does not operate efficiently
  - Customers are not satisfied with services received

*Committee of Sponsoring Organizations of the Treadway Commission

A brief discussion on SOX testing procedures

Sample Sizes and Control Frequency
Determine the extent of tests of controls

[Diagram labels: Manual Control; Application Control (programmed); Annually; Quarterly; Monthly; Weekly; Many times per day or daily or performed frequently but less than daily; General Controls are effective; General Controls are ineffective; Test Extents*]

*Larger sample sizes may be appropriate when:
- Deviations from designed controls are expected
- Likelihood of errors or override is considered other than low
- The control is “primary” or only control related to a significant account
- Control is applied by a number of different personnel at various locations

Sample Sizes and Control Frequency
Sample Testing Guidance

| Nature of Control and Frequency of Performance | Minimum Number of Items to Test (Extent of Test of Controls) |
|---|---|
| Manual control, performed many times per day | At least 25 |
| Manual control, performed daily | At least 25 |
| Manual control, performed frequently but less than daily | 25% of the number of occurrences or at least 25 |
| Manual control, performed weekly | At least 10 |
| Manual control, performed monthly | At least 3 |
| Manual control, performed quarterly | At least 2 |
| Manual control, performed annually | Test annually |
| Automated control | Test one application of each programmed control for each type of transaction if supported by effective IT general controls (that have been tested); otherwise test at least 25 |
| IT general controls | Follow guidance above for manual and programmed aspects of IT general controls |

Evaluating the Testing Results

[Flowchart labels: Select key controls; Evaluate Design Effectiveness of Control; Evaluate the Testing Results; Control operates effectively; Control deficiencies/exceptions were found; Amend decision to rely on control and consider another control; Address deficiency; Extend test extents**; Additional exceptions noted; No additional exceptions]

** If after evaluating the exception, it is determined to be isolated, consider expanding the sample size (for example, by an additional 10 tests for each exception).

Assessment of Control Deficiencies
3 levels:
- Inconsequential;
- Significant Deficiency;
- Material Weakness.

Control Deficiencies
Significant Deficiency
- A control deficiency that adversely affects the Company’s ability to initiate, authorize, record, process, or report external financial data reliably in accordance with GAAP.
- Could be a single deficiency or a combination of deficiencies that results in more than a remote likelihood that a misstatement of the annual or interim financial statements that is more than inconsequential will not be prevented or detected.

Control Deficiencies
Significant Deficiency
Material Weakness
- A significant deficiency, or a combination of significant deficiencies, that results in more than a remote likelihood that a material misstatement of the annual or interim financial statements will not be prevented or detected;
- Material Weakness = Adverse Opinion;
- “Remote”: the chance of the future event or events occurring is slight.

Evaluating Significant Deficiencies
- Must evaluate all identified deficiencies in internal control over financial reporting for significance based on:
  - Likelihood that a deficiency, or combination of deficiencies, could result in a misstatement of an account balance or disclosure.
  - Magnitude of the potential misstatement resulting from the deficiency or deficiencies.
- Evaluation of significance includes both quantitative and qualitative factors.
- Maintain a log of all deficiencies:
  - Requires aggregation – all locations reporting.

A brief overview of Internal Control as a Fraud Management tool

Accountability and Control Red Flags
- Lack of separation of duties;
- Lack of physical security and/or key control;
- Weak links in chain of controls and accountability;
- Missing independent checks on performance;
- Lax management style;
- Poor system design;
- Inadequate training.

How to Minimize Fraud Risk
- Adhere to policies/procedures (especially documentation and authorization);
- Ensure physical security over assets;
- Provide proper training to employees;
- Independently review and monitor tasks;
- Provide for segregation of duties;
- Establish clear line of authority;
- Rotate duties in positions susceptible to fraud;
- Ensure employees take regular vacations;
- Schedule regular independent audits of areas susceptible to fraud;
- Ensure background check for employees handling financial transactions;

How to Minimize Fraud Risk
- Make sure internal controls are being followed;
- Review, Review, Review!
- Ask for documentation;
- Ensure that one person does not have total responsibility for a process;
- Evaluate performance regularly;
- Report suspicious activity.

Thank You

Contacts
- Frederick Bernard, KPMG Barbados
- Michael Edghill, KPMG Barbados
- Rendra Gopee, KPMG Barbados
- Frank Myers, KPMG St. Lucia