Financial institutions have traditionally had a heightened focus on the management of risk given the severe and long-lasting legal, regulatory, operational, financial, and reputational consequences.听听
Your fiduciary responsibility, as a financial institution鈥檚 board member, is critical in safeguarding against risk and fraud. Don鈥檛 allow your organization to be the next victim.鈥听
Here are some steps that you, as a board or committee member, can take to help your financial institution prevent risk and fraud:鈥听
Set the Tone at the Top and Establish Expectations听
Problems start with people; they鈥檙e any financial institution鈥檚 biggest vulnerability for control issues, exploitation, and fraud. That said, fully vetting high-level applicants and board members with a thorough background check is a start, but don鈥檛 forget to invest time and effort to fortify the institution鈥檚 culture, so all employees feel engaged and important.鈥
This can be accomplished by setting clearly defined expectations for ethical behavior and integrity through a code of conduct or ethics policy that applies to every financial institution employee, board, and committee member.鈥 Any violations should be addressed immediately.鈥听
Perform a Risk Assessment and Identify Internal Controls to Mitigate Risk鈥听
Don鈥檛 rely on 鈥渘egative assurance,鈥 or the assumption that no news is good news. All financial institutions face risks. But by establishing an ongoing process to assess risk, your financial institution can be proactive in mitigating risk, including the risk of fraud. Risk is mitigated by both the establishment of sound internal controls and ongoing assessment to ensure the internal controls are designed and operating as intended.鈥
Additional considerations to strengthen internal control environment and reduce risk for your financial institution鈥檚 include:鈥
- Segregation of Duties鈥痠n key processes, so that no single person is responsible or has access to perform the entire function or process.
- Authorization and approval鈥are key controls that prevent errors from occurring and can mitigate the risk of inappropriate transactions. An example of authorization and approval as an internal control is the review of application. 听New loans should be reviewed and approved based on approval authority established within the Institution.
- Monitoring Controls鈥are typically performed after the fact to detect errors or inappropriate transactions. An effective monitoring control is performed in a timely manner 鈥 e.g., loan review performed annually on loans that are above a certain threshold to determine if there are credit or compliance issues as well as detecting other trends within the portfolio. 听
Effective Governance and Ongoing Monitoring鈥听
Fraud prevention is not a check-the-box, one-and-done task. It鈥檚 an ongoing process that should be discussed at the board and executive management level. Board members need to ask questions about the effectiveness of internal controls, stay informed, and challenge management on emerging risks that could impact the control environment.鈥鈥
Are you interested in learning more? 熊猫视频 has experienced professionals who specialize in helping financial institutions and their boards identify, address, and appropriately reduce risk and fraud. Our advisors are available to discuss a tailored approach that could include one or more of the following services:
- Risk Assessment鈥
- Process and Controls Assessment
- Board Education and Board Effectiveness Review鈥
- Segregation of Duties Evaluation鈥
- IT Access, Change Management Process and Controls Assessment鈥
- Cybersecurity Controls Assessment鈥听
For more information, please contact your 熊猫视频 advisor or reach out to Kristy Clark, a 熊猫视频 principal specializing in risk advisory: [email protected] or 248.952.5000.听