Update Q&A

Great Expectations of Audit

Financial service internal audit departments will see more enforcement and fewer new regulations, says Mike Cowell, senior managing director and chief auditor at TIAA-CREF Financial Services.​

Comments Views

​What is the most important regulatory trend affecting financial services in 2015?

The financial services industry will likely see more enforcement of regulations rather than drafting of new legislation. Financial services firms will continue to focus on implementation of regulatory requirements that have been enacted since the financial crisis. Areas such as anti-money laundering, market abuse, tax-related issues, and high-frequency trading will continue to be priorities for regulators, which will require financial services firms to have a robust compliance program to detect, deter, monitor, and report on these activities. Additionally, cyberrisks will continue to drive the need for technological advances, resources, and enhancement to processes and controls to protect company and customer assets.

What are the implications of the COSO Internal Control–Integrated Framework update specific to financial services?

The enhanced 2013 COSO framework is not fundamentally different from the 1992 version; however, the updates are important. Firms should evaluate their existing internal control structure against the enhanced framework. In particular, firms need to assess the 17 principles outlined in the framework to determine whether they are relevant and verify these principles have been implemented in the organization. A plan of action should be developed and documented to remedy the difference, along with an expected time line and resources required to implement any changes in the organization's internal control structure. 

How have regulatory changes impacted the internal audit profession?

Since the financial crisis, expectations and demands of the internal audit function by regulators have been heightened. In particular, the U.S. Federal Reserve Bank and the Office of the Comptroller of the Currency have issued updated guidance and standards that address the characteristics, governance structure, auditor independence, and operational effectiveness of an institution’s internal audit function. In 2014, regulators began assessing against these standards during examination cycles, driving internal audit functions to assess programs continually against these heightened expectations and adjust accordingly.

Internal Auditor is pleased to provide you an opportunity to share your thoughts about the articles posted on this site. Some comments may be reprinted elsewhere, online or offline. We encourage lively, open discussion and only ask that you refrain from personal comments and remarks that are off topic. Internal Auditor reserves the right to remove comments.

 

 

Comment on this article

comments powered by Disqus
  • IIA AuditBoard_Nov 2019_Premium 1
  • IIA GAM_Nov 2019_Premium 2
  • IIA OnRisk_Nov_Premium 3