REGULATION ON RISK MANAGEMENT AND OTHER ASPECTS OF INTERNAL CONTROL IN INVESTMENT FIRMS



until further notice
Applicable to investment firms

By virtue of section 29, paragraph 2, of the Investment Firms Act (579/1996), the Financial Supervision Authority issues the following regulation on risk management and other aspects of internal control in investment firms and undertakings belonging to an investment firm's consolidation group.

The regulation takes account of the Council Directive 93/22/EEC of 10 May 1993 on investment services in the securities field (OJEC No L 141, 11.06.1993 p. 27).

Purpose and scope of the regulation

In this regulation, the Financial Supervision Authority lays down minimum requirements for adequate risk management and other aspects of internal control. The basic principle is that the risk management and other aspects of internal control exercised by investment firms and undertakings belonging to an investment firm's consolidation group should be of adequate standard with regard to the nature and scope of operations, that credit institutions and undertakings belonging to a credit institution's consolidation group should refrain from excessive risk-taking in their operations and that they should employ control methods that enable identification, assessment and limitation of the risks inherent in business.

For the purposes of implementing risk management and other aspects of internal control, the Financial Supervision Authority has issued Guideline 203.28. In the guideline, the Financial Supervision Authority gives recommendations for the implementation of risk management and other aspects of internal control in accordance with the provisions set out in the present regulation.

The provisions in this regulation concerning an investment firm shall also apply, where applicable, to an investment firm's consolidation group.
Definition of the concept of internal control

Internal control is a process aimed at:

a) accomplishment of stated goals and objectives;
b) economical and efficient use of resources;
c) adequate control of the risks inherent in operations;
d) reliability and integrity of financial and other management information;
e) compliance with laws and regulations, strategies, plans, internal rules and procedures.

According to this definition, internal control comprises all such controls, financial or otherwise, as are effected by the board of directors, senior management and other staff.

Risk management as an integral part of the internal control system

Risk management refers to the identification, assessment, limitation and control of risks that arise from and are essentially related to business [1]. In an investment firm, risk management is an integral part of the internal control system. It is essential that the risks inherent in different business functions are identified and policies for their limitation established. Risk management procedures may vary among institutions depending on the scope and nature of the business.

[1] The use of risk limits for the measurement and limitation of risks applies to measurable risks only.

The main elements of internal control are:

a) management style and control culture;
b) identification, assessment, limitation and control of risks;
c) control activities and segregation of duties;
d) information and communication;
e) monitoring procedures and corrective actions.

Responsibility for risk management and other internal control

An investment firm's board of directors and managing director are responsible for ensuring that internal control is applied in all operations.

Responsibility for the different areas of management is determined by legislation, an investment firm's internal regulations and guidelines and the firm's size. The Financial Supervision Authority takes the view that an investment firm's board of directors has a key role in defining the principles and procedures of internal control and in implementing internal control.

The investment firm or financial holding company operating as the parent undertaking of a consolidation group shall be responsible for laying down the group's strategies and policies with regard to risk management and other aspects of internal control. The administrative body exercising supreme decision-making power in the parent undertaking of the consolidation group shall supervise on a comprehensive basis that the controlled organizations adhere to the principles of internal control. Such responsibility of the supreme administrative body does not, however, relieve eg the board of directors of an investment firm operating as a subsidiary of the group of the responsibility for organising internal control within their own organization.

General principles of internal control

The following principles are common to all aspects of internal control:

a) Internal control must promote a corporate culture that accepts internal control as a normal and necessary element of business.
b) Internal control must cover all activities of an investment firm. Such control needs to be commensurate with the risks inherent in different operations. Particular attention needs to be focused on new products, new business areas and cross-border operations.
c) The parent undertaking of an investment firm's consolidation group must see to it that adequate internal control is exercised by all undertakings in its consolidation group.
d) If an investment firm purchases services from others, this must not lead to any deterioration in the investment firm's internal control.
e) Internal control must include risk management systems that enable identification, assessment and control of all essential risks relating to the activities of an investment firm.
f) Internal control must prevent acts of fraud, embezzlement and other malpractices.
g) An investment firm must ensure that it has in place updated guidelines for key operations, including internal control of operations.
h) Internal control should also include contingency planning so as to ensure the continuity of the investment firm's operations in the event of disruptions. Contingency plans must be tested to ensure they can be implemented when the need arises.
i) An investment firm's board of directors has a key role to play in establishing risk management policies and procedures and in implementing internal control, irrespective of the responsibilities that different administrative bodies may have on the basis of legislation, internal regulations and guidelines.

An investment firm must pay particular attention to the following aspects of the individual elements of internal control:

Management style and control culture

1) determine the investment firm's business strategies, operating principles and organizational structure; ensure an appropriate allocation of responsibilities, reporting relations and decision-making powers; and see to it that risk management and other aspects of internal control cover all activities of the investment firm and are commensurate with the risks inherent in its different operations;
2) establish quantitative and qualitative objectives for each field of operation and monitor their implementation;
3) ensure that staff have the requisite skills and are suitable for their tasks and that they have access to the information required to perform their tasks.

Identification, assessment, limitation and control of risks

4) ensure that the risks inherent in the investment firm's business are identified and assessed;
5) approve the investment firm's risk-taking principles; establish policies for risk limitation and supervise compliance with such policies;
6) ensure that the investment firm has a risk control function that is independent of the risk-taking function.

Control activities and segregation of duties

7) ensure that internal control measures are an integral part of the daily operations of the investment firm and that conflicting duties are appropriately segregated and the procedures for key operations documented in writing;
8) ensure that the investment firm's staff do not handle, in their capacity as representatives of the investment firm, any business transactions of their own or concerning persons with whom they are closely related, or otherwise influence any decisions relating to such business transactions.

Information and communication

9) ensure that the investment firm maintains information and communication systems that are adequate for decision-making and assessment of operations;
10) ensure that the investment firm maintains IT systems that are adequate with regard to its activities and organized in an appropriate fashion.

Monitoring procedures and corrective actions

11) ensure that the internal audit function is organized in an appropriate fashion and operates in accordance with good internal audit practice;
12) ensure that the board of directors are informed of material findings made by the internal audit function, the auditors and the authorities;
13) review internal control and the adequacy of risk management on a regular basis and always when
- operations expand into new markets;
- new products are introduced;
- there are or will be material changes in the operating environment; or
- businesses are reorganized;
14) establish procedures to ensure that control systems are revised when deficiencies are detected.

For further information, please contact: Capital Markets Department