What is the most important regulatory trend affecting financial services in 2015?
The financial services industry will likely see more enforcement of regulations rather than drafting of new legislation. Financial services firms will continue to focus on implementation of regulatory requirements that have been enacted since the financial crisis. Areas such as anti-money laundering, market abuse, tax-related issues, and high-frequency trading will continue to be priorities for regulators, which will require financial services firms to have a robust compliance program to detect, deter, monitor, and report on these activities. Additionally, cyberrisks will
continue to drive the need for technological advances, resources, and
enhancement to processes and controls to protect company and customer assets.
What are the implications of the COSO Internal Control–Integrated Framework update specific to financial services?
The enhanced 2013 COSO framework is not fundamentally different from the 1992 version; however, the updates are important. Firms should evaluate their existing internal control structure against the enhanced framework. In particular, firms need to assess the 17 principles outlined in the framework to determine whether they are relevant and verify these principles have been implemented in the organization. A plan of action should be developed and documented to remedy the difference, along with an expected time line and resources required to implement any changes in the organization's internal control structure.
How have regulatory changes impacted the internal audit profession?
Since the financial crisis, expectations and demands of the internal audit function by regulators have been heightened. In particular, the U.S. Federal Reserve Bank and the Office of the Comptroller of the Currency have issued updated guidance and standards that address the characteristics, governance structure, auditor independence, and operational effectiveness of an institution’s internal audit function. In 2014, regulators began assessing against these standards during examination cycles, driving internal audit functions to assess programs continually against these heightened expectations and adjust accordingly.