Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

Whats the main difference between Internal Audit & Compliance specially in relation to Banking Industry?

user-image
Question added by Ali Nindwani , Manager - Compliance Division , askaribank
Date Posted: 2014/05/08
Mona AlShaghaa
by Mona AlShaghaa , Head of Internal Governance , Bank Aljazira

Internal audit and compliance are both important control functions in any bank.

While IA concentrates on assessing parts of the organization after the fact and looks at a process or department holistically, and in some cases may advise as is the more recent direction; compliance is involved before that. the role is to ensure that all regulatory requirements are made aware within the bank and implemented, also acts as the interface/ communicator with regulators.

the3 tier compliance resposiblity can be viewed as being (1) first and foremost, everybody's business as everyone is responsible to ensure the respective department understands and applies requirements, (2) compliance department, to monitor and report and support as needed, (3) internal audit to assess and test, after the fact.

 

Also, many times you would find that compliance either directly or via a committee provides updates to the audit committee as well as to the board of directors or via the audit committee.

 

it is a multifacetted relationship which can seem to have various overlaps, but mostly is not ..

Deleted user
by Deleted user

There are3 lines within financial risk management.1st line, which is the Bank's operations.2nd line which is a specialist risk and compliance function and the3rd line which is audit. it's called the three lines of defence model and is used in all Banks across the world. In this repsect, compliance are a second line oversight, advisory and challenge for any first line risks and risk control measures. They're involved in risk management everyday whereas audit will perform more thematic, sample based reviews to ensure that risk management controls are as effective as they are supposed to be.

Mohammed Salim Allana
by Mohammed Salim Allana , Compliance and Assurance Manager , United Arab Bank

As Gary explained the three lines of defense, where Compliance placed at second line to conduct business risk assurance using Risk based approach and provide their review report to the business and senior management.

 

While Internal controls / audit also review Compliance and AML functions effectiveness.

 

The department of Compliance, Internal Audit and Operational risks are mandatory by regulators to analyse, asses, mitigate and report the financial and non financial banking risk.

Mubashir Shahzad
by Mubashir Shahzad , Oracle Functional Consultant/ERP Business Analyst , Jaffer Business System

Internal audit is an appraisal activity, conducted by the entity , for the benefit of the entity.it is internal in terms of scope and objective.you make controls in place, monitor them and take corrective action.it is not legal or regulatory requirement.

Whereas, compliance, it is very important, comes from top like regulator instructions. some steps of doing business or practice are done in a specifc way i.e. fixed way, u can not deviate, so you test whether those practice are folowed or not.

More Questions Like This