The Compliance and Internal Control (C&IC) Division
The role of the C&IC Division is to ensure that the FSC fosters and maintains an institutional framework that gives assurance that all applicable laws, regulations, rules/best practices and policies and procedures are adhered to.
The C&IC Division, as with any similar internal control mechanism, serves to:
- reinforce and preserve the integrity of the regulatory system being administered;
- ascertain and report the extent of non-compliance with established policies, plans, procedures, laws, and regulations and thereby promote improvement in compliance;
- assist in the identification of deficiencies in areas in the statutes, processes and practices which need to be addressed, including for harmonisation;
- aid in the strategic planning process by assisting in identifying and prioritizing risks;
- ensure openness and transparency of regulatory activities; and
- ascertain the timeliness, reliability, and usefulness of data developed and maintained.
The major responsibilities of the C&IC Division therefore include:
- Assessing operational processes to determine if these provide reliable safeguards in terms of compliance with relevant regulations and policies;
- Working in partnership with management to ensure policies and procedures are effective and efficient, and suggesting policies and procedures where appropriate;
- Serving as a resource to the organization in identifying the need for and characteristics of adequate systems of control;
- Developing and implementing review plans and programs that respond to both risk and cost-effectiveness criteria;
- Providing reports that identify internal control issues and make cost-effective recommendations to strengthen controls;
- Facilitating the resolution of findings with those who have the most direct involvement and accountability (i.e. the risk managers);
- Maintaining review standards, similar to generally accepted internal auditing standards to ensure effectiveness and quality; and
- Undertaking internal financial audit work
Areas that are considered for comparative measurement include:
- Statutory requirements of the FSC as detailed in the relevant Acts and Regulations, and summarized in the document, “Roles and Responsibilities of Commissioners & Management
- Current organizational Policies & Processes including standards and Supervisory Ladders developed
- International standards from IAIS, IOSCO, & IOPS, as well as GARP for Records Management, IFRS for accounting, and Best Practices identified for IT and HR, and
- FSAP outcomes
The C&IC Division in fulfilling its responsibilities will carry out risk assessments especially of the industry divisions, in order to identify and prioritize areas for review. Strategic work plans and detailed work programme would then be developed, based on the prioritization. Subsequent to the testing of control systems, findings identified would be documented for reporting, and would involve senior management presentations and submission to the Audit Committee of the Board of Commissioners. This would be followed up with a monitoring mechanism in order to ensure that any deficiencies identified would be addressed.
Further, the C&IC Division is available to undertake special projects (including confidential projects), as assigned, including special directions received.
The C&IC Division establishment includes a Senior Director as head of the Division, with two direct reports - a Manager, C&IC, and a Risk Officer. Two Senior Analysts report to the Manager. The remit of this C&IC Division extends to all operational units within the FSC, so in the staffing of this Division, a significant advantage is having experience in a regulatory environment and in internal control, as well as knowledge of the industries and relevant statutes administered by the FSC.