TransAlta Corporation Energy Trading Compliance Program Assessment



Similar documents
September 2010 Report No

A&CS Assurance Review. Accounting Policy Division Rule Making Participation in Standard Setting. Report

Internal Control Questionnaire and Assessment

Service Organization Control (SOC) Reports Focus on SOC 2 Reporting Standard

COSO 2013 Internal Control Integrated Framework FRED J. PETERSON, PARTNER MOSS ADAMS LLP

The Role of Internal Audit in Risk Governance

POLICY SUBJECT: EFFECTIVE DATE: 5/31/2013. To be reviewed at least annually by the Ethics & Compliance Committee COMPLIANCE PLAN OVERVIEW

COSO Internal Control Integrated Framework (2013)

U.S. CFO Program The Four Faces of the CFO Deloitte Touche Tohmatsu

Enterprise risk management: A pragmatic, four-phase implementation plan

Fraud Prevention and Deterrence

AfDB New Procurement Policy: Training Program for the Bank s Procurement Staff. Risk-based design of Procurement Arrangements - Introduction

October 20, Sincerely. Anthony Chavez, CIA, CGAP, CRMA Director, Internal Audit Division

Internal Control Integrated Framework. May 2013

APEC General Elements of Effective Voluntary Corporate Compliance Programs

INTERNAL AUDITING S ROLE IN SECTIONS 302 AND 404

PENSION FUND OF THE PENSION PLAN FOR NON-PROFESSIONAL STAFF OF THE UNIVERSITY OF GUELPH. For the Year Ended September 30, 2011

TG TRANSITIONAL GUIDELINES FOR ISO/IEC :2015, ISO 9001:2015 and ISO 14001:2015 CERTIFICATION BODIES

UMDNJ COMPLIANCE PLAN

Broker-Dealer and Investment Adviser Compliance Programs

Business Conduct, Compliance and Ethics Program. important

MISSION VALUES. The guide has been printed by:

Viridian FLEXIBILITY YOUR WAY

APES 325 Risk Management for Firms

VCU HEALTH SYSTEM Compliance Program. Updated August 2015

Achieve. Performance objectives

AICPA Discussion Paper - Enhancing Audit Quality, Plans and Perspectives for the U.S. CPA Profession

How quality assurance reviews can strengthen the strategic value of internal auditing*

RISK BASED AUDITING: A VALUE ADD PROPOSITION. Participant Guide

OF CPAB INSPECTION FINDINGS

RESPONSIBLE CARE SECURITY CODE OF MANAGEMENT PRACTICES

EPA Victoria Engagement Policy ENVIRONMENT PROTECTION AUTHORITY

Supporting Effective Compliance Programs

Report on. Office of the Superintendent of Financial Institutions. Corporate Services Sector Human Resources Payroll. April 2010

INTERNATIONAL FRAMEWORK FOR ASSURANCE ENGAGEMENTS CONTENTS

IFIAR 2015 Member Profile - PCAOB

Consultation on the Regulation of Chief Risk Officer roles under the Solvency II regime Part 2 - Detailed considerations

Guidance for audit committees. The internal audit function

UNIVERSITY COMPLIANCE PLAN

The PNC Financial Services Group, Inc. Business Continuity Program

DTCC Board Code of Ethics

Key Points IBDs, RIAs and Advisors Need to Know

Risk, Risk Assessments and Risk Management. Christopher Bowler CPA, CISA August 10, 2015

National Network of Fiscal Sponsors. Guidelines for Comprehensive Fiscal Sponsorship

How to improve account reconciliation activities*

International Forum of Independent Audit Regulators Report on 2014 Survey of Inspection Findings March 3, 2015

Office of the Police and Crime Commissioner for Avon and Somerset and Avon and Somerset Constabulary

Audit of Mobile Telecommunication Devices

STANDARDS PROGRAM For Canada s Charities & Nonprofits

A COMPREHENSIVE GUIDE TO QUALITY CONTROL

Mental Health Resources, Inc. Mental Health Resources, Inc. Corporate Compliance Plan Corporate Compliance Plan

QUALITY AND INTEGRATED GOVERNANCE BUSINESS UNIT. Clinical Effectiveness Strategy (Clinical Audit/Research)

MSO/IPA Compliance Program

Singapore Exchange Sustainability Reporting Guide. Guide to Sustainability Reporting for Listed Companies

ZAG BANK BASEL II & III PILLAR 3 DISCLOSURES. December 31, 2014

[Paste client logos here]

II. Compliance Examinations - Compliance Management System. Compliance Management System. Introduction. Board of Directors and Management Oversight

AstraZeneca US Compliance Program

Job Grade: Band 5. Job Reference Number:

Auditor Independence Survey (ICAO)

The Regulatory Framework for Social Housing in England Governance and Financial Viability standard requirement: Governance Annual Assessment

Completion of CPE is Important!

How To Be A Successful Businessperson

CERTIFIED FINANCIAL PLANNER BOARD OF STANDARDS, INC. FINANCIAL PLANNING PRACTICE STANDARDS

FINRA Regulation of Broker-Dealer Due Diligence in Regulation D Offerings

Project organisation and establishing a programme management office

COSO s 2013 Internal Control Framework in Depth: Implementing the Enhanced Guidance for Internal Control over External Financial Reporting

COMPLIANCE MANAGEMENT SYSTEM

A REPORT BY THE NEW YORK STATE OFFICE OF THE STATE COMPTROLLER

Zurich Insurance Group. Our people 2014

MARKET CONDUCT ASSESSMENT REPORT

DEFINING OUR ROLE IN A CHANGING LANDSCAPE

Quality Assurance Checklist

INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS

APES 320 Quality Control for Firms

Fraud-Related Compliance

COMPANY LEVEL CONTROLS A PRACTICAL FRAMEWORK

Firm Update Form (Form 4-6A)

The University of Texas Health Science Center at Houston Institutional Healthcare Billing Compliance Plan JANUARY 14, 2013

QUALITY ASSURANCE POLICY

Enterprise Risk Management

Practice Guide COORDINATING RISK MANAGEMENT AND ASSURANCE

THE GOVERNANCE OF RISK MANAGEMENT. Session 5

Audit Quality Thematic Review

Standards of. Conduct. Important Phone Number for Reporting Violations

Aboriginal Affairs and Northern Development Canada. Internal Audit Report. Audit of Internal Controls Over Financial Reporting.

ADVISORY SERVICES. Risk management in an evolving world. Making the case for social media governance. kpmg.com

Chapter 5. Planning the Audit Engagement

We are the regulator: Our job is to check whether hospitals, care homes and care services are meeting essential standards.

Transcription:

www.pwc.com/ca Energy Trading Compliance Program Assessment

Disclaimer We prepared this report based on information available at the time of its preparation. Our observations and conclusions are based on the study of documents and artefacts provided by TransAlta, and interviews with selected members of. Our work does not constitute an audit conducted in accordance with generally accepted auditing standards, an examination of internal controls or other attestation or review services in accordance with standards established by the Canadian Institute of Chartered Accountants ( CICA ). Accordingly, we do not express an opinion, attestation or other form of assurance 1 with respect to our work or the information upon which our work was based. We are not lawyers; and do not provide legal advice. Should further information come to our attention after the analysis was completed, the results expressed herein could change. The scope of our work was defined by and agreed with TransAlta. Our work was based primarily on the information supplied by those interviewed and we carried out this work on the basis that such information was accurate and complete. We did not check or verify the information provided to us, except to the extent expressly stated to form part of the scope of work. This report is intended solely for the internal use of TransAlta management. Any third-party use of this report or reliance thereon, or any decision made based on it, is the responsibility of such third party. We accept no responsibility for damages, if any, suffered by any third party as a result of decisions made or actions based on this report. 1 Per the CPA Canada Handbook Accounting, Assurance engagement means an engagement in which a practitioner expresses a conclusion designed to enhance the degree of confidence of the intended users other than the responsible party about the outcome of the evaluation or measurement of a subject matter against criteria. 2

Contents 1. Engagement 2. Framework for Assessment 3. Overall Results 4. Recommendations 3

1. Engagement Objective PricewaterhouseCoopers LLP ( ) was engaged by TransAlta to evaluate TransAlta s Energy Trading Compliance Program from a design and operational effectiveness perspective. Specifically, our objectives for the engagement were to: Assess the design of TransAlta s Trading Compliance Program in the context of our experience with other energy trading compliance programs and current energy Trading and Marketing industry practices. Evaluate whether the key components of the Trading Compliance Program designed by TransAlta had been placed into use and were effective for TransAlta s purposes. Provide recommendations for further improving the program. Approach We conducted the review of TransAlta s Energy Trading Compliance Program over 14 weeks from October 19, 2015 to February 5, 2016 and incorporated: Interviews with over 30 stakeholders including leaders and team members from various functions. Study of over 200 documents including policies, sample communications, meetings minutes, management reports, compliance risk register, training materials, KPIs, and summaries of recent investigations. Systems analysis to evaluate compliance monitoring tools and data sources. Analysis of sample transactions used by the monitoring tools to evaluate the functionality of the monitoring tools and assess data quality. We initially assessed the design of TransAlta Trading Compliance Program through documentation review and interviews. Subsequently, we evaluated how the program is functioning within the organization by analyzing samples of activities such as the risk register, evidence of sign-off on policies, use of monitoring tools, disciplinary actions and attending relevant TransAlta meetings to observe TransAlta personnel discuss and review Trading Compliance. 4

1. Engagement (cont d) Scope Our work was limited to the specific procedures and analysis described herein and was based only on the information made available until February 5, 2016. Accordingly, changes in circumstances after this date could affect the findings and recommendations outlined in this Report. Our conclusions should not be projected to future periods, or to specific transactions. Our work scope included studying program policies, procedures and documentation, recent compliance related issues, actions and decisions, and conducting interviews with key stakeholders. Specifically, we did not review: Any marketing and trading transactions to detect regulatory and legal violations; Whether or not the portfolio of trades or any specific trades, adhered to TransAlta s risk objectives and tolerances, or whether process and controls are in place to achieve TransAlta s risk tolerance objectives, The completeness of the compliance monitoring techniques used i.e. compliance risks may exist that neither TransAlta nor have identified. We did not evaluate TransAlta s compliance risks or assess TransAlta for evidence of non-compliance; Operational, regulatory, legal, risk, internal audit or other department objectives, policies and procedures related to their role in compliance, including processes in place to conduct compliance investigations and processes in place limiting the sharing of operational and trading information. 5

2. Framework for Assessment For this assessment, we used our Compliance Effectiveness Framework, which is based on s experience in compliance programs and outlines 10 key components for an effective compliance program, as follows: 6

3. Overall Results Design In comparing TransAlta s Trading Compliance (TC) program to industry practices*, we noted that TransAlta s Trading Compliance program currently includes the key elements required and normally seen at industry peers. We also observed that each of the 10 components of s Compliance Effectiveness Framework are reflected and addressed in the design of TransAlta s Trading Compliance Program. Operational Effectiveness From an operational perspective, TransAlta s program is meeting or exceeding current industry practice in each of the ten key components. We have made recommendations in five of the ten components, for management s consideration, to improve and strengthen the Trading Compliance Program s operational effectiveness. *Industry practices are dynamic and continually developed, changed and improved. To compare organizations, we consider transacting attributes and risk profile of the organization, geographical location and context complemented with standard practices guidance such as Committee of Sponsoring Organizations of the Treadway Commission (COSO), Federal Energy Regulatory Commission (FERC), Commodity Futures Trading Commission (CFTC), US Federal Sentencing Guidelines and Financial Industry Regulatory Authority (FINRA). Our interpretation of industry prevailing practices in the area of energy trading compliance for this engagement reflects our assessment of the capabilities of North American power and utility organizations that primarily transact in physical and financial energy markets in the United States and Canada. 7

3. Overall Results (cont d) Key Strengths of TransAlta Energy Trading Compliance Strong tone at the top that supports the organization s commitment to compliance. Risk assessment methodology to identify, manage and mitigate compliance risks. Clear and open lines of communication between Trading Compliance and the rest of the organization, which foster a sense of trust and reliance. Defined roles and responsibilities for independent governance of compliance staffed by professionals who are supported by the organization. Formally documented policies and procedures with regular reviews and updates, as needed. A formal, mandatory and recurring training program to educate TransAlta personnel on compliance. Implementation of monitoring tools to analyze trading transactions and relevant business communications for key compliance risks. Auditing procedures to continuously assess effectiveness of compliance programs. Formal and robust case management program to investigate instances of suspected and detected non-compliance. Enforcement procedures to discipline non-compliant behavior. The above noted foundational components are in place and have the appropriate structure to address and to support uncertainties dictated by changing business, regulatory and market impacts. With structurally sound building blocks in place, TransAlta should ensure continued focus on compliance to safeguard sustained focus as TransAlta s business expands. 8

4. Recommendations In the following five components, while the program meets or exceeds industry standards, we have made suggestions for greater operational effectiveness. Our recommendations to improve and strengthen Trading Compliance Program s operational effectiveness, for management s consideration, are as follows: Risk Assessment 1. Convene an annual cross functional communication mechanism to review the risk register for completeness and share information, as part of Trade Compliance s risk assessment process. 2. Provide the Trading Compliance support functions within TransAlta (i.e., Regulatory, Risk, etc.) with access to the Trading Compliance Risk Register on SharePoint. Roles & Responsibility 3. Cross-train current staff personnel in areas beyond their current responsibility to contribute to succession planning for Trading Compliance, and to mitigate potential risk of losing a critical employee. Training 4. Provide aspects of annual compliance training on a more frequent basis (i.e., quarterly or semi-annually). 5. Add a formal questionnaire soliciting direct feedback to improve annual training effectiveness. 9

4. Recommendations (cont d) Monitoring 6. Improve documentation of compliance monitoring tools from an input, process and output perspective to: - Ensure continuity of the knowledge base inherent in the development of the tools; and - Clearly state the scope of risks covered at the sub-category level and the methodology used to determine the triggers/threshold for each tool. Enforcement & Discipline 7. Include compliance performance in Trading and Marketing annual scorecards and Trader incentives to ensure that Trading Compliance violations have a clear and direct impact. 8. Create written tracking/reporting of historical repetitive warnings and perform reviews of traders to identify and evaluate patterns of non-compliance (i.e., repeated minor errors or warnings)*. *Across the industry, as part of the normal course of tracking and ensuring compliance, minor errors and infractions are self-reported and addressed as they arise by mutual agreement with regulators. 10

Thank you. Creating a distinctive client experience 2016 PricewaterhouseCoopers LLP, an Ontario limited liability partnership. All rights reserved.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information