商业银行内部控制简介课件.ppt

上传人:sccc 文档编号:6158617 上传时间:2023-09-30 格式:PPT 页数:36 大小:125.51KB
返回 下载 相关 举报
商业银行内部控制简介课件.ppt_第1页
第1页 / 共36页
商业银行内部控制简介课件.ppt_第2页
第2页 / 共36页
商业银行内部控制简介课件.ppt_第3页
第3页 / 共36页
商业银行内部控制简介课件.ppt_第4页
第4页 / 共36页
商业银行内部控制简介课件.ppt_第5页
第5页 / 共36页
点击查看更多>>
资源描述

《商业银行内部控制简介课件.ppt》由会员分享,可在线阅读,更多相关《商业银行内部控制简介课件.ppt(36页珍藏版)》请在三一办公上搜索。

1、Introduction to Internal Controls内部控制简介,Federal Reserve System,2,Internal Control-Discussion Outline内部控制研讨提纲,Definition of Internal Control 内部控制的定义Explanation of Internal Control Concepts 内部控制概念的解释Discussion of Internal Control Breakdowns 内部控制的缺陷,3,Definition of Internal Control内部控制的定义,Current defin

2、ition in the U.S.-adopted for world-wide use 美国现行定义已为世界各国采用COSO-Internal control is a process effected by an entitys Board of Directors and Senior Management and other personnel designed to provide reasonable assurance regarding three objectives and five components 内部控制是为确保三项目标和五项元素而设计并由公司董事会和高级管理层以

3、及有关人员执行的一种程序,4,Three Objectives of Internal Control内部控制的三项目标,Effectiveness and efficiency of operations(including safeguarding of assets)运作有效(包括资产保护)Reliability of financial reporting 财务报表可靠Compliance with applicable laws and regulations合法合规,5,Five Components-Internal Control内部控制的五项元素,Control Enviro

4、nment-“tone at the top”控制环境“至关重要”Risk Assessment-managements identification of key risks 风险评估管理层对主要风险的认知Control Activities-entity level and activity level 控制手段面向公司层面和具体经营活动的控制手段Information and Communication-internal and external 内部之间以及对外的信息交流与沟通Monitoring-adequacy of controls over time 监控持续充分的管理,6,C

5、omponent 1-Control Environment元素一控制环境,Integrity&Ethical Values 品行与道德价值Commitment to Competence 竞争力Managements Philosophy/Operating Style 管理哲学/经营风格Organizational Structure 组织结构Assignment of Authority&Responsibility 权力与责任的分配Board of Directors or Audit Committee Participation 董事会或审计委员会的参与Human Resource

6、s Policies&Procedures 人事政策与程序,7,Integrity and Ethical Values品行与道德价值,Essential element 关键要素Impacts design of internal controls 影响内部控制的设计Prerequisite for ethical behavior 正当行为的先决条件Difficult to achieve-balance between employees,shareholders and public 难点在员工、股东与公众间寻求平衡Disincentives-pressure to meet targ

7、ets,high-performance rewards 阻力实现目标的压力,表现优秀的回报,8,Commitment to Competence竞争力,Appropriate levels of management and management review 恰当的管理与管理评价Job criteria and job specific skills 工作守则与能力要求Appropriate pay levels for work performed 按劳分配Nature and degree of judgment required 评价的性质与程度,9,Managements Phil

8、osophy/Operating Style管理哲学/经营风格,Formal versus informal management styles 正式与非正式的管理风格Impacts the institutions operations including the risk profile 影响公司的经营,包括风险预测Major impact on control issues 是控制问题的主要影响因素Attitudes toward financial reporting:对财务报告的态度:conservative or aggressive 保守还是激进,10,Organizationa

9、l Structure 组织结构,Framework for achieving entity-wide objectives 实现总体目标的框架Define key areas of authority and responsibility 划分权责部门Establish appropriate reporting lines 建立恰当的报告体系Centralized versus decentralized 集权与分权Depends on size and nature of activities 取决于业务的规模与性质,11,Assignment of Authority and Res

10、ponsibility权力与责任的分配,Responsibility for operating activities 各种经营活动的职责Establishment of reporting relationships 建立报告关系Authorization protocols 授权协议Limits on authority 对权力的限制Policies on business practices 经营政策Pushing down of responsibility 职责的下放,12,Board of Director and Audit Committee Participation董事会与

11、审计委员会的参与,Independence of Board and/or Audit Committee from management 董事会与/或审计委员会独立于管理层Experience and stature of Board members-new rules in the U.S.for SEC registrants 董事的资历与品行证券交易委员会对于注册人的新规定Involvement of the Board-critical to an appropriate control environment 董事会的参与对良好控制环境十分关键Appropriate informa

12、tion flows and scrutiny of management actions 良好的信息流动和对管理行为的审查,13,Human Resources Policies and Procedures人事政策与程序,Critical message to employees 对员工非常重要的信息Global written code of conduct 国际通行的书面行为准则Additional requirements for traders 对交易员的附加要求Practices on hiring,orientation,training,evaluating,counseli

13、ng,promoting,compensating and remedial actions录用、定岗、培训、考核、咨询、晋升、薪酬与福利的操作Ongoing involvement critical 持续参与十分重要,14,Component 2-Risk Assessment Objectives元素之二风险评估的目标,Identification and analysis of objectives 目标的确定与分析operations objectives 营运目标financial reporting objectives 财务报告目标compliance objectives 合规

14、目标Overlapping of objectives-complimentary and link 目标重叠补充与联系,15,Risk Assessment Objectives风险评估的目标,Activities to achieve objectives 实现目标的行动clear for each business line 对每项业务界定清晰multiple objectives for each activity 每项活动的多重目标Risk identification 风险识别entity level 公司层面activity level 经营层面product level 产品层

15、面,16,Risk Identification风险识别,Entity level 公司层面External:technology,changing customer needs,competition,legislation,economic changes 外部风险:技术风险,消费者需求变化的风险,竞争风险,法律风险,经济变化的风险Internal:systems disruption,quality of personnel,management changes 内部风险:系统崩溃,人员素质,管理层变更Activity level-Volume,automation levels 经营层

16、面经营规模,自动化程度Product level-Inherent risk,adequacy of controls 产品层面内在风险,控制的充分性Analysis and management of risk exposure 风险敞口的分析与管理,17,Component 3-Control Activities元素之三控制手段,Wide variety and range 非常广泛Can include preventative,investigative,manual or computer controls 包括预防性手段和调查性手段,人工手段和计算机手段Two essential

17、 elements 两个重要因素Policies 方针Procedures 程序,18,Preventative vs.Detective Controls预防性手段与调查性手段,Preventative-prevents undesirable events 预防性手段防止不利事件的发生Detective-reveals errors&irregularities that have already occurred 调查性手段揭示已经发生的错误和反常情形,19,Examples of Types of Control Activities控制手段例举,Authorization or ap

18、proval 授权或批准Verification 确认Reconciliation 协调Segregation of duties 职责分工Operating performance reviews 绩效考评Physical security of assets 资产的实际安全,Physical/logical security reviews 实际安全评估/理论安全评估Supervisory reviews 监管评估Two week vacation policy 两周休假政策System checks 系统检查Limits 限制Review of MIS data 管理信息系统数据评价,2

19、0,Component 4-Information and Communications元素之四信息交流与沟通,Identification-performed at all levels within the organization 识别在公司内部各级进行Capture-critical computer systems and MIS reports 获取重要的计算机系统和管理信息系统报告Exchange-appropriate staff obtain the information 交换由专人获取信息,21,Component 5 Monitoring元素之五监控,Ongoing A

20、ctivities-performed by management 持续进行的活动由管理层进行review of data and reports within the organization 评估机构内的数据和报告discussions with external parties 与外部有关各方商讨training seminars 培训研讨Separate Evaluations-performed by an independent function 独立评估由独立方进行internal audit,external audit,consulting,and peer review(s

21、mall bank)内部审计,外部审计,咨询,同行意见(小银行),22,Context of Controls控制内容,Entitys 公司层面:Size,organization,and ownership 规模、组织结构与所有权Nature of business 业务性质Diversity and complexity 多样性与复杂性Methods of transmitting,processing and retaining information 信息的传递、处理与留存方式Applicable laws and regulations 有关法规,23,Limitations限制,S

22、mall Offices 小型办公室Collusion 共谋Ignorance 忽视Pace of business 业务效率Judgment 判断Cost 成本Managements override 管理层越权,24,International Emphasis on Internal Controls各国对内部控制的关注,Basle Committee on Banking Supervision 巴塞尔银行监管委员会Framework for the Evaluation of Internal Controls 内部控制评估体系Policy Statement-Finalized S

23、eptember,1998 政策声明1998年9月定稿Identifies Causes of Recent Banking Problems 银行业新问题的产生原因,25,Internal Control Breakdowns-Basle Report内部控制的缺陷巴塞尔委员会报告,Lack of adequate management oversight and accountability;failure to develop a strong internal control culture 管理层监控不够充分,没有形成稳健的内部控制文化Inadequate assessment of

24、 the risks of certain banking activities or products 对部分银行业务、产品的风险的评估不够充分Absence or failure of key control structures and activities 关键的控制环节和手段缺乏或者失效,26,Internal Control Breakdowns-Basle Report(Cont.)内部控制的缺陷巴塞尔委员会报告(续),Inadequate communication of information between levels of management 不同层级的管理人员之间的

25、信息交流不充分Inadequate or ineffective audit programs and other monitoring activities 审计程序和监控活动不充分或无效,27,Examples-Internal Control Breakdowns内部控制缺陷举例,Barings 巴林银行:Hands-off management style 放任不管的管理风格Lack of segregation of duties 缺乏职责分工制度back office 后台front office 前台No Board of Directors involvement 董事会没有参

26、与内部控制Lack of response to audit issues 对审计发现的问题没有相应的整改措施Use of fictitious account 做假帐,28,Recent examples-not in Basle report 新案例巴塞尔报告中没有提到Allied Irish 联合爱尔兰Remote location 地点偏远Trader with incompatible duties 交易员责权不匹配Lack of internal controls 内部控制缺乏Lack of management understanding of risks 管理层对风险缺乏了解,

27、Examples-Internal Control Breakdowns内部控制缺陷举例,29,Other entities 其它公司Inadequate evaluation of new business risks 对新业务的风险评估不充分Insufficient segregation of duties 职责分工不充分Ineffective management oversight 管理层监控无效Absence of a separate monitoring mechanism 没有独立的监控机制,Examples-Internal Control Breakdowns内部控制缺陷

28、举例,30,Internal audit deficiencies-内部审计不足Untimely or piecemeal audits 审计不及时、不全面Ineffective follow-up of significant audit issues 对重大审计问题缺乏有效的跟踪机制Unfamiliarity with business procedures 不熟悉业务程序No training in sophisticated areas 缺乏对复杂领域的培训,Examples-Internal Control Breakdowns内部控制缺陷举例,31,Framework for th

29、e Evaluation of Internal Controls内部控制评估框架,Purpose:Use by bank regulators in evaluating internal control systems 目的:供监管者在评估银行内部控制体系时使用Consists of thirteen general principles applicable to all banking institutions 包括13条总则,适用于所有银行机构,32,Thirteen Principles13条原则,Management Oversight 管理层监控1-Board-Approves

30、 strategies,policies and risk appetite 董事会批准公司的经营战略、方针和风险偏好2-Senior management-Implements board strategies and policies 高级管理层执行董事会的战略决策和方针3-Board and Senior Management-Promote high ethical standards 董事会和高级管理层推动公司道德水平的提高,33,Risk Recognition Assessment 风险识别评估4-Senior Management-Identifies and evaluate

31、s risk factors 高级管理层识别并评估风险因素 Control Activities and Segregation of Duties 控制措施与职责分工5-Control Activities-Integral part of daily activities of institution 控制措施公司日常经营中不可或缺6-Senior Management-Ensures appropriate segregation of duties 高级管理层确保合理的职责分工,Thirteen Principles13条原则,34,Information and Communicat

32、ions 信息交流与沟通7-Senior Management-Evaluates adequate and comprehensive data 高级管理层对公司情况进行全面评估8-Senior Management-Provides effective channels of communication for relevant information concerning significant activities 高级管理层为重要信息提供有效沟通渠道9-Senior Management-Provides appropriate information systems for all

33、 activities 高级管理层为各种经营活动提供适宜的信息系统,Thirteen Principles13条原则,35,Monitoring Activities and Correcting Deficiencies 全程监控与错误纠正10-Senior Management-Monitors overall effectiveness of internal controls 高级管理层监控内部控制的整体效率11-Audit-Provides an effective and comprehensive audit 审计有效全面12-Audit-Ensures internal con

34、trol deficiencies are promptly reported to senior management 审计确保内部控制不足能及时反映给高级管理层,Thirteen Principles13条原则,36,Evaluation of Internal Control Systems by Supervisory Authorities 监管当局对内部控制系统的评估13-Supervisors-Require all banks to have effective internal control systems 监管者要求所有银行都建立有效的内部控制体系,Thirteen Principles13条原则,

展开阅读全文
相关资源
猜你喜欢
相关搜索

当前位置:首页 > 建筑/施工/环境 > 农业报告


备案号:宁ICP备20000045号-2

经营许可证:宁B2-20210002

宁公网安备 64010402000987号