1
CAIB PRE-CONFERENCE TRAINING
Audit Committees: Making Corporate Governance work in the Caribbean
June 21, 2007
Risk Advisory Services
2
© 2006 KPMG Barbados, a Barbados partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International, a Swiss cooperative. All rights reserved. Printed in Barbados.
Program Agenda
- Introduction
- Background
  - Perspective;
  - Objectives of Sarbanes-Oxley Act;
  - Management’s Responsibilities;
  - Key SOX provisions relating to Audit Committees;
  - Impact of SOX on the Caribbean.
3
Program Agenda
- What is SOX?
  - COSO Internal Control Framework – A Summary of Components
- A brief discussion on SOX testing procedures
  - Sample sizes and control frequency;
  - Evaluating test results and control deficiencies;
  - Deficiency Assessment.
4
Welcome and Introductions
5
Program Objectives
- Discuss briefly the background and framework of Sarbanes-Oxley Act’s 404 (SOX) requirements.
- Impact of SOX on Caribbean Financial Institutions.
- SOX testing procedures.
- A SOX approach to Internal Controls as a Fraud Management tool.
6
Background
7
Perspective
- Enron – shock!
- WorldCom – action!
- Ahold, Parmalat, Hollinger, Nortel, Shell
- Restore investor confidence
- Increased transparency
These may have been the catalyst, but investors are demanding a higher standard of care. Markets have reacted to restore investor confidence.
8
Objectives of the Sarbanes-Oxley Act
- Increase the accountability of management of public companies;
- Improve Corporate Governance;
- Increase the oversight of public accounting firms;
- Restore investor confidence in the capital markets.
9
Management’s Responsibilities under SOX
- Accept responsibility for the effectiveness of the Company’s internal control over financial reporting.
- Evaluate the effectiveness of internal control over financial reporting using suitable control criteria.
- Support its evaluation with sufficient evidence, including documentation and appropriate evidence of existence and effectiveness of internal controls.
10
Management’s Responsibilities under SOX
- Present a written assessment about the effectiveness of internal control over financial reporting as of the end of the Company’s most recent fiscal year.
11
Key SOX Provisions Relating to Audit Committees
The Sarbanes-Oxley Act has required Audit Committees to adhere to certain provisions as follows:
- Each member of the Audit Committee must be independent.
- At least one of the members must be a “Financial Expert”.
- Directly responsible for appointment, compensation and oversight of the public accounting firm.
12
Key SOX Provisions Relating to Audit Committees (Cont’d)
- All auditing and non-auditing services must be pre-approved by committee.
- Establish procedures for handling complaints (whistleblower protection).
- Discuss with auditor prior to issuing audited financial statement:
  - Critical accounting policies and alternative treatments
  - Management letter, waived adjustments and material written communications
- Have authority to engage independent counsel and other advisors.
13
Impact of SOX on the Caribbean
- Over the last 3 years global companies have had to come to grips with the implementation and reporting requirements of Sections 302 and 404 of the US Sarbanes-Oxley Act – SOX 302 and 404.
- The SOX Act spells out the various roles of management, the audit committee, and the external auditors. To this end, the SOX Act has had an effect on Corporate Governance regionally.
- While the Act does not govern the regional companies, many of the large global companies have implemented various teams to ensure that even regional subsidiaries are SOX 404 compliant.
14
Impact of SOX on the Caribbean (Cont’d)
Though Sarbanes-Oxley is U.S. legislation and is only required of companies quoted on U.S. stock exchanges, there are a few benefits to regional organizations adopting a SOX-like strategy, as follows:
- Assists Directors in administering their Corporate Governance responsibilities;
- Develops Internal Controls that facilitate a robust internal fraud management strategy;
- Acts as another way of making local Financial Institutions more attractive to foreign investors;
15
Impact of SOX on the Caribbean (Cont’d)
- Creates an environment that makes it easier for regional Financial Institutions to adopt new legislation, e.g. Anti-Money Laundering;
- Facilitates the development of an Enterprise Risk Management Strategy.
16
What is SOX?
17
COSO* Internal Control Framework
A Summary of the Components
- Control Environment – The control environment sets the tone of an organization, influencing the control consciousness of its people.
- Control Activities – These policies and procedures help ensure management directives are carried out.
- Information and Communication – Pertinent information must be identified, captured, and communicated in a form and time frame that supports all other control components.
- Monitoring – Internal control systems need to be monitored – a process that assesses the quality of the systems’ performance over time.
- Risk Assessment – Every entity faces a variety of risks from external and internal sources that must be assessed both at the entity and the activity level.
The COSO framework is a model against which the components of internal control within an organization can be measured and evaluated. This report is representative of one of the ways management applies its assessment of risk at the entity level. This assessment is in line with the risk categories of COSO across the top of the cube (Operations, Financial Reporting, and Compliance). See page 11 for a definition of internal control.
*Committee of Sponsoring Organizations of the Treadway Commission
18
COSO* Internal Control Framework
A Summary of the Components
Internal control is broadly defined as a process, effected by an entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories:
- Financial Reporting
  - The absence of a key financial control causes a material error in the financial statements, including the footnotes
- Compliance with Laws and Regulations
  - Company is in violation of applicable regulatory requirements
- Efficiency and Effectiveness of Operations
  - Company does not meet strategic objectives
  - The process does not operate efficiently
  - Customers are not satisfied with services received
*Committee of Sponsoring Organizations of the Treadway Commission
19
A brief discussion on SOX testing procedures
20
Sample Sizes and Control Frequency
Determine the extent of tests of controls
Manual Control, Test Extents* by frequency:
- Annually: 1
- Quarterly: 2
- Monthly: 3
- Weekly: 10
- Many times per day, daily, or performed frequently but less than daily: 25
Application Control (programmed): General Controls are effective / General Controls are ineffective
*Larger sample sizes may be appropriate when:
- Deviations from designed controls are expected
- Likelihood of errors or override is considered other than low
- The control is “primary” or only control related to a significant account
- Control is applied by a number of different personnel at various locations
21
Sample Sizes and Control Frequency
Sample Testing Guidance
Nature of Control and Frequency of Performance: Minimum Number of Items to Test (Extent of Test of Controls)
- Manual control, performed many times per day: At least 25
- Manual control, performed daily: At least 25
- Manual control, performed frequently but less than daily: 25% of the number of occurrences or at least 25
- Manual control, performed weekly: At least 10
- Manual control, performed monthly: At least 3
- Manual control, performed quarterly: At least 2
- Manual control, performed annually: Test annually
- Automated control: Test one application of each programmed control for each type of transaction if supported by effective IT general controls (that have been tested); otherwise test at least 25
- IT general controls: Follow guidance above for manual and programmed aspects of IT general controls
22
Evaluating the Testing Results
[Flowchart; box labels as they appear on the slide]
- Select key controls
- Evaluate Design Effectiveness of Control
- Evaluate the Testing Results
- Control operates effectively
- Control deficiencies/exceptions were found
- Amend decision to rely on control and consider another control
- Address deficiency
- Extend test extents **
- Additional exceptions noted
- No additional exceptions
** If, after evaluating the exception, it is determined to be isolated, consider expanding the sample size (for example, by an additional 10 tests for each exception).
23
Assessment of Control Deficiencies
3 levels:
- Inconsequential;
- Significant Deficiency;
- Material Weakness.
24
Control Deficiencies
Significant Deficiency
- A control deficiency that adversely affects the Company’s ability to initiate, authorize, record, process, or report external financial data reliably in accordance with GAAP.
- Could be a single deficiency or a combination of deficiencies that results in more than a remote likelihood that a misstatement of the annual or interim financial statements that is more than inconsequential will not be prevented or detected.
25
Control Deficiencies
Significant Deficiency
Material Weakness
- A significant deficiency, or a combination of significant deficiencies, that results in more than a remote likelihood that a material misstatement of the annual or interim financial statements will not be prevented or detected;
- Material Weakness = Adverse Opinion;
- “Remote”: the chance of the future event or events occurring is slight.
26
Evaluating Significant Deficiencies
- Must evaluate all identified deficiencies in internal control over financial reporting for significance based on:
  - Likelihood that a deficiency, or combination of deficiencies, could result in a misstatement of an account balance or disclosure.
  - Magnitude of the potential misstatement resulting from the deficiency or deficiencies.
- Evaluation of significance includes both quantitative and qualitative factors.
- Maintain a log of all deficiencies:
  - Requires aggregation – all locations reporting.
27
A brief overview of Internal Control as a Fraud Management tool
28
Accountability and Control Red Flags
- Lack of separation of duties;
- Lack of physical security and/or key control;
- Weak links in chain of controls and accountability;
- Missing independent checks on performance;
- Lax management style;
- Poor system design;
- Inadequate training.
29
How to Minimize Fraud Risk
- Adhere to policies/procedures (especially documentation and authorization);
- Ensure physical security over assets;
- Provide proper training to employees;
- Independently review and monitor tasks;
- Provide for segregation of duties;
- Establish clear line of authority;
- Rotate duties in positions susceptible to fraud;
- Ensure employees take regular vacations;
- Schedule regular independent audits of areas susceptible to fraud;
- Ensure background check for employees handling financial transactions;
30
How to Minimize Fraud Risk
- Make sure internal controls are being followed;
- Review, Review, Review!
- Ask for documentation;
- Ensure that one person does not have total responsibility for a process;
- Evaluate performance regularly;
- Report suspicious activity.
31
Thank You
32
Contacts
- Frederick Bernard, KPMG Barbados. Phone: 1-246-427-5230; Mobile: 1-246-233-2883; Email: frederickbernard@kpmg.bb
- Michael Edghill, KPMG Barbados. Phone: 1-246-427-5230; Mobile: 1-246-231-1111; Email: maedghill@kpmg.bb
- Rendra Gopee, KPMG Barbados. Phone: 1-246-427-5230; Mobile: 1-246-233-5165; Email: rgopee@kpmg.bb
- Frank Myers, KPMG St. Lucia. Phone: 1-758-4531471; Email: fvmyers@kpmg.bb