sonnel to implement corrective action, with
an appropriate time period for completion.
Internal audit or compliance could be assigned
to oversee that the remediation plan is being
managed in a timely manner. Otherwise, where
is the accountability?
mIkey man / Istock
It’s not enough to develop internal control
processes to identify and manage day-to-day compliance risks. To ensure that these
processes are actually being followed at the
granular level, institutions should consider
the following measures.
Facilitate communication in both direc-
tions. Identify line-of-business managers along
with personnel responsible for managing pro-
cesses and confirm that they possess a detailed
understanding of current procedures and com-
pliance requirements. These individuals must
be equipped to provide in-depth information
to the employees expected to carry out the pro-
cesses that are performed on a daily basis. They
also can provide management with valuable
input on the level of turnover in their respective
departments and the status of their operating
systems and internal training.
Initiatives related to fundamental compliance in daily transactions may well call
for additional investments in training and
education, but compliance should be viewed
as a cost reduction center, tasked with minimizing potential fines and penalties. It is not
enough to wait until the next examination to
relearn the fundamentals. Practice and live
them every day. ■