{{item.title}}
{{item.text}}
{{item.title}}
{{item.text}}
The ripple effects of the current bank stress are being felt across the economy, reigniting fears generated in the 2008 financial crisis when interruptions to payments and flows of funds impaired the ability to do business.
To be resilient during this period of stress and to be better-prepared for any future stress events, getting risk and crisis scenario modeling right is essential. Internal Audit (IA) functions are well positioned to connect the dots across risk factors within the organization, independently identify potential impacts of the current environment and craft forward-looking considerations for executives and the audit committee.
The stress in banking has revived concern about the fragility of critical relationships and how single points of failure might cascade through a supply chain or an industry.
IA teams should consider revisiting how they define risk in the current environment and within their respective industries, recognizing that tail risks in a financial services crisis could manifest in a number of ways, and how the enhanced risk definition impacts the scope and timing of their audits.
Below we share our point of view on areas of immediate Internal Audit consideration, in conjunction with management. Chief Audit Executives (CAEs) may view these as conversation starters with first and second line risk response teams, yet the crucial point is to begin to talk about the issues. The conversations may illuminate other topics to investigate for potential weaknesses and remediation. In turn, that work can spur dialogue with the audit committee about the outcome of IA’s impact analyses.
No matter the industry, audit plan priorities are shifting amid the crisis. IA teams should focus on testing the risk mitigation activities and controls in areas such as:
Enterprise risk management - How is the program supporting risk assessment and the continuous monitoring and reporting of risk exposure against the company’s defined risk appetite?
Liquidity and asset-liability management - These areas could include testing for the issues that factored into the current bank stress such as quickly changing interest rate levels, inadequate investment risk management (corporations are likely concerned about their access to supposedly “safer” Treasury bill and/or money market accounts), and communication missteps to investors and the public.
Macroeconomic forces continue to shift and IA’s perspective will be needed to navigate the emerging reality.
IA can be reactive or proactive, but either way we believe that having a plan is the cornerstone of an effective response to this or any crisis. CAEs, with their organization-wide pulse on risk areas, can bring independent, holistic perspectives to crisis management and be the voice that communicates insights from the lines of defense to executive leadership and the audit committee.