Balance Between Audit/Compliance and Risk Management – Best Practices FIRMA - 21st National Training Conference David Bilko Chief Audit Executive SunTrust.


Presentation transcript:

Balance Between Audit/Compliance and Risk Management – Best Practices
FIRMA - 21st National Training Conference
David Bilko, Chief Audit Executive, SunTrust Bank
April 19, 2007

1 Background

- SunTrust Banks, Inc., with assets of $182 billion, operates 1700 branches in the southeastern US.
- Operating model emphasizes local geographic management empowerment combined with the economies of scale and product development advantages that come from being one of the nation’s largest banking organizations.
- Geographic focus is complemented by 5 major lines of business: Retail, Commercial, Corporate and Investment Banking, Mortgage, and Wealth and Investment Management
- Wealth Management provides fiduciary, brokerage and investment management to institutions and individuals.
  – Total assets under advisement $246 billion
  – Trust Assets $207 billion
  – Retail Brokerage $39 billion

2 SunTrust Structure – Audit, Legal, Compliance, and Risk

Audit Services
- Functionally – Audit Committee
- Administratively – Chief Administrative Officer
  – Wealth & Investment Management Audit team

Legal
- General Counsel - CEO
  – Fiduciary & ERISA Attorneys

Corporate Compliance
- Chief Compliance Officer – General Counsel
  – Compliance Functions – RIA and Broker/Dealer

Enterprise Risk Management
- Chief Risk Officer - CEO
- LOB/Function Risk Managers
  – Solid line to LOB or Function
  – Dotted Line ERM

3 Group Roles

- Audit Services – Provide independent assurance on the design and operating effectiveness of controls across the enterprise
- Legal – In a cost effective manner: Provide legal advice, manage litigation, coordinate use of outside counsel, monitor all legal expenses, assist with legal risk analysis and risk mitigation, and provide Corporate Secretary functions
- Corporate Compliance – perform reviews of controls designed to mitigate compliance risk, assess and monitor compliance risk across the enterprise, perform ongoing oversight and surveillance of compliance risk
- Enterprise Risk Management – includes SOX PMO, Model Validation Group, Basel II Readiness, Operational Risk – RCSA’s
- LOB/Function Risk Managers – risk and control advisors on all types of risk including compliance, credit, operating, etc. Develops policies and procedures, performs risk assessments and documents risk profiles

4 Challenge - Achieving Structural Balance

Where we were:
- Decentralized Silo Driven
- Lots of requests for same information from different sources
- Lack of agreement on levels of risk and controls
- Gaps in coverage
- Limited collaboration and sharing of information
- Ownership issues

Where we are going:
- Harmonized, rational view of all risks and controls across the Enterprise (LOB)?
- Make risk assessment and mitigation an effective process and efficiencies will follow, including better economics
- Line will retain responsibility for risks and controls

5 Challenge – Achieving Structural Balance

Roadmap:
- Identify Board Level Responsibilities
- Risk Management, Compliance and Audit are working together to identify proper stakeholders in the LOB’s, the risks, domains, controls, data sources, and testing ownership (who is doing the checking)
- Leveraging each other’s platforms
- Prioritizing opportunities
- Creating an operating model that will resolve gaps and overlaps
- Concept that clarifies roles, responsibilities, and scope
- Improved Issue Management

Form will follow function

End State is a rational, economical, agile enterprise approach to risk management and control testing